Tenable, Inc., the Cyber Exposure company, has published results of a study that found 86% of Saudi organizations suffered a business impacting cyberattack* attributed to vulnerabilities in technology put in place during the pandemic. The data is drawn from ‘Beyond Boundaries: The Future of Cybersecurity in the New World of Work,’ a commissioned study of more than 1,300 security leaders, business executives and remote employees, including 104 in The Kingdom of Saudi Arabia, conducted by Forrester Consulting on behalf of Tenable.
The pandemic accelerated remote work for many Saudi organizations. In fact, 91% of organizations now have remote employees, up from just 34% in early 2020. Moving forward, the vast majority of organizations (91%) plan to adopt this remote working model permanently.
To facilitate the new world of work, cloud adoption has surged. Seventy-seven percent of Saudi organizations have moved business-critical functions to the cloud — including human resources (80%) and accounting and finance (60%).
However, this change to working practices has increased organizations’ risks. By their own admission, 63% of Saudi organizations are prepared to support new workforce strategies from a security standpoint, while 67% believe moving business-critical functions to the cloud exposes the organization to increased cyber risk.
When looking at the impact of this increased risk, threat actors are taking advantage. Ninety-eight percent of organizations experienced a business-impacting cyberattack in the last 12 months, with 33% falling victim to five or more. Fifty-seven percent of Saudi organizations said these attacks targeted remote employees.
“Remote and hybrid work strategies are here to stay and so will the risks they introduce unless organizations get a handle on what their new attack surface looks like,” said Amit Yoran, CEO, Tenable. “This study reveals two paths forward — one riddled with unmanaged risk and unrelenting cyberattacks and another that accelerates business productivity and operations in a secure way. CISOs and CEOs have the opportunity and responsibility to securely harness the power of technology and manage cyber risk for the new world of work.”
IT and security teams are quickly rolling out tools for connectivity, collaboration and productivity, while also moving business-critical data to the cloud to support a remote and hybrid working environment. Organizations must reevaluate their approach to maintaining security, aligned to the business, in order to effectively reduce the risks introduced.
“The pandemic has seen the corporate perimeter shattered,” said Maher Jadallah, Senior Director Middle East & North Africa, Tenable. “Cloud adoption and remote working practices were being cautiously adopted in Saudi, but in the last eighteen months this transition has exponentially accelerated. Attackers have seized on the opportunity, as this study reveals, which means understanding what poses a risk to the business and managing that risk effectively is imperative.”
Further results from the study, including how organizations can manage risk in the new world of work, are available.