Having covered the evolution of cybersecurity in recent years we still remain confused. The pandemic resulted in a widening of threat vectors that many businesses were not fully prepared for, but given the frequency and potentially devastating effect of a cyber attack, one would think that businesses are taking security more seriously.
This as a new report conducted by insurance company Marsh and Microsoft paints a rather bleak and puzzling picture. The Middle East and Africa Insights – The State of Cyber Resilience report, as it is titled, identified six key trends for the MEA region.
Leveraging the insights from 660 business leaders across MEA, a highly concerning statistic was revealed – that only 4 percent of business leaders believe their company can successfully deal with a cyber attack.
“The toll of almost three years of unrelenting workplace disruption, digital transformation and ransomware attacks means just 4% of regional business leaders are confident in their organization’s ability to manage cyber risks,” Marsh explains in a press release sent to Hypertext.
While we appreciate the disruption that past few years has caused, this figure seems at odds with the fact that most employees in an organisation should now be fully aware of just how important solid cyber security practices are.
An additional concern is the low level of confidence in terms of the cyber resiliency of organisations in recovering from a cyber attack.
“According to the report, business leader’s confidence in their organization’s core cyber risk management capabilities – including the ability to understand/assess cyber threats, mitigate/prevent cyber-attacks, and manage/respond to cyber-attacks – remains a major concern for the region’s business leaders – with over three quarters (76%) having no confidence in their own organization’s cyber resilience,” the release adds.
This is a serious red flag for consumers and customers, many of whom are required to share their data with companies in order to gain access to services or solutions.
“It’s not about if you will get attacked, it’s a matter of when it will happen, which makes it all the more surprising that organizations continue to take a siloed approach rather than looking at the risk from an enterprise-wide perspective,” warns Spiros Fatouros, CEO of Marsh Africa.
With 60 percent of respondents stating that they have not conducted a risk assessment of their vendors or supply chains, the situation is growing increasingly precarious. Add to that the fact that 37 percent of organisations admitted to not having any kind of cyber insurance in place even though it is a key element in managing cyber risk, and the outlook is even worse.
We are once again left a little flabbergasted by the notion that large enterprises and multinationals have not taken the continued threat of cyber security more seriously.
In the view of Marsh, immediate action is needed, with enterprise-wide communication and strategies required.
“Cyber risks are pervasive across most organizations. Successfully countering cyber threats needs to be an enterprise-wide goal, aimed at building cyber resilience across the firm, rather than singular investments in incident prevention or cyber defense. Greater cross-enterprise communication can help the region’s businesses bridge the gaps that currently exist, boost confidence, and better inform overall strategic decision making around cyber threats,” concludes Fatouros.
To find our more of the insights, you can download (PDF) and read the report for yourself here.
[Image – CC 0 Pixabay]