Now accepting applications for Fast Company Middle East’s Best Workplaces For Women 2023. Click here to register.

UAE-based security leaders, scarred by the sting of recent cyberattacks, are calling for a sweeping overhaul of their organizations’ cybersecurity strategies, emphasizing the need for enhanced training, process improvements, and technological advancements. A new report focused on the extent to which gaps in people, technology and the process contributed to a major cyber incident.

A Trellix report titled Mind of the CISO: Behind the Breach reveals a stark picture of cybersecurity preparedness, with 60% of respondents admitting that a recent cyber incident forced their organization to completely overhaul its cybersecurity strategy, signaling a collective awakening to the urgency of cybersecurity preparedness.

Over 60% of UAE respondents admitted that their organization’s security incident was missed due to resource constraints, often during off-hours when vigilance was diminished. Over half (52%) confessed that their IT expertise failed to address the incident’s complexities, underscoring the need for a more skilled cybersecurity workforce.

An additional 44% acknowledged that their IT infrastructure was not properly configured or that detection policies were not enabled, exposing them to cyber threats.

These technological shortcomings had a cascading effect on processes, with 52% of respondents lamenting that workflows could not be fully executed due to inadequate tools. Close to half (48%) pointed to their organization’s reliance on manual processes, hindering both the mean time to detect and the mean time to repair. 

Moreover, 44% decried the need for proper documentation and implementation of processes, while another 44% highlighted the lack of context arising from disconnected security controls.

Vibin Shaju, General Manager, UAE at Trellix, said: “What is clear from what interviewees told us is that people, processes, and tech are three legs of stool. If you overemphasize one, the stool becomes wobbly and can topple. There must be balance.”

Over 70% cited the benefits of extended detection and response (XDR), the emerging approach in cybersecurity that brings together disparate security tools in a powerful single-pane solution, saying it allows faster and more efficient threat detection and response.