It was around three-and-a-half decades ago that the world experienced its first major security attack. The Morris Worm shut down 10 percent of the Internet in just 24 hours, sending unsuspecting businesses into a flat tailspin. And so, the very first Computer Emergency Response Team was born, marking an important milestone in modern cybersecurity.
Looking back, it’s fascinating to see how far incident response has come. With the revolutionary capabilities of AI under the spotlight, the future of cybersecurity is a key topic of conversation – especially for businesses in the Middle East.
As a new era in cybersecurity unfolds, these four key trends will help shape the security discourse in the region.
Ransomware is becoming more sophisticated
While the Middle East and Africa have always been prime targets for malware and ransomware attacks, these occurrences are increasing in number and sophistication. Recent Microsoft-IDC research shows the growing number of ransomware attacks is the top security challenge faced by organizations in the UAE - hardly surprising given that 40 per cent of UAE-based organizations impacted by ransomware were forced to shut down last year, losing a total of $1.4 million.
Hackers will continue to use these tried and tested techniques but will also make use of AI to enhance the speed and accuracy of their attacks.
Smarter workplaces provide hackers new entry
Organizations across the region have made significant changes to their cybersecurity strategy to accommodate the growing number of remote users. In fact, 91 per cent of Middle East IT organizations saw a rise in connected devices on their company’s network.
While IT teams have been preoccupied by remote work, largely perceiving ransomware as an IT-focused threat, these attacks have become more prevalent in operational technology (OT) environments. Including everything from industrial equipment to HVAC controllers, smart conference rooms and even elevators.
During 2022, Microsoft’s threat intelligence revealed an increase in threats exploiting OT controllers and Internet of Things (IoT) devices like routers and cameras. As the number of connected devices continues to rise, it becomes easier for attackers to come up with more varied ways of mounting large-scale attacks.
AI is becoming more mainstream
The good news, however, is that AI and machine learning are arriving in the mainstream. Microsoft-IDC research shows 48 per cent of companies in the UAE plan to address security concerns by improving the automation of processes and integration of technologies.
While there’s long been a perception that attackers have the advantage of surprise, AI can swing the agility pendulum back in the favour of defenders. Al empowers defenders to see, classify and contextualize much more information, much faster than even large teams of security professionals can collectively analyse.
Skills gap will be less challenging
AI also enables human defenders to operate more quickly and efficiently than before. This is key for IT teams across the region, given the growing skills gap among security professionals. Around 74 per cent of businesses in the UAE identified upskilling as a vital step to increase the level of security in their organization, according to the Microsoft-IDC research.
The more teams can tap AI to provide clear views of cyber-threats, the more they can open the door for entry-level talent, while also freeing highly skilled defenders to focus on bigger challenges. Though Al won’t be the silver bullet that solves security in 2023, it is the turning point for rapid acceleration in protecting against bad actors.