78% of Businesses in Middle East and Türkiye Expect a Cyberattack Within a Year, But Only 46% Feel Prepared For It

(MENAFN- Procre8) Dubai, UAE, 3rd October, 2024 — The majority (78%) of business leaders in the Middle East and Türkiye (MET) expect to suffer a cybersecurity incident in the next 12 months, but only 46% of organizations feel well prepared to deal with one. That’s according to new research from leading connectivity cloud company Cloudflare, Inc. (NYSE: NET).

The research, conducted with nearly 1,000 business and technology leaders across the Middle East and Türkiye, as part of a larger study which included more than 4,000 enterprises across 13 European markets, showed the following results:

Cyberattacks are pervasive and increasing in volume and frequency
● 82% of MET organizations have experienced at least one cybersecurity incident in the last 24 months, with most having experienced multiple attacks.
● Among organizations that were attacked in the past year, 84% reported more incidents compared to previous years. 42% say the volume has increased significantly.
● Among the respondents who reported that their organization had experienced an incident in the last 12 months, 48% experienced anywhere between 1 and 10 incidents. In fact, more than a quarter (27%) of this group reported between 11 and 30 incidents, while a further 15% experienced between 31 and 60 — a rate of one incident every six to 11 days.

Industries and companies most affected
● Financial Services (63%) and IT & Technology (61%) are commonly targeted. The lower frequency of incidents in Healthcare (49%) is counterintuitive — the industry tends to be a highly targeted sector because it often suffers from a lack of investment and because systems hold vast amounts of sensitive patient data. In terms of industries, Education and Retail emerged as those least impacted, which is surprising given the high volumes of sensitive data at stake in both.
● Medium-sized organizations are revealed to be most vulnerable, with 58% having experienced an incident in the past year. Smaller organizations were less likely to have been affected, with just 39% experiencing an incident in the past year.
● Businesses in the Business and Professional Services, Energy, Utilities and Natural Resources, Travel, Tourism and Hospitality, and Government industries are most prepared for cyberattacks whereas those in Media and Telecoms and Transport, Construction and Real Estate sectors are least prepared, given that they have experienced fewer incidents.

MET organizations need to watch out for these attack vectors
● According to the MET’s business and technology leaders, the top three most common types of cyberattack they face are web attacks (69%), malware - defined as viruses, worms, and Trojans - (62%) and phishing (55%). Other common threats are ransomware and spyware (38%), business email compromise (36%), and API attacks (32%).

Cost of a breach is more than just financial
● The financial losses arising from incidents can rack up quickly. Among the 53% of respondents whose organizations experienced a cybersecurity incident in the past year, 77% estimated the financial impacts to be at least US$1 million, while one third (38%) estimated the loss to be US$2 million or more.
● Financial loss is not the only impact organizations have suffered. Nearly four out of 10 (38%) organizations have had to put growth plans on hold in the aftermath of an incident, and nearly four in 10 (37%) have had to lay off staff as a result of the financial impact. Other organizations have been subjected to legal action or been forced to pay fines as a result of incidents.

Leadership teams are taking action
● 74% of respondents expect the proportion of their IT budget dedicated to cybersecurity to rise over the next year. Just 9% foresee a decrease, and 16% foresee no change. This is a positive sign, as organizations need to prepare for the increased volume of incidents they predict in the year ahead.
● For most, protecting their networks remains the number one investment area, with nearly 22% of the budget allocated to this pillar on average.

A mixed picture of solution deployment
● Encryption is currently organizations’ most deployed solution, with secure web gateways and firewall-as-a-service (FWaaS) not far behind.
● Regarding Secure access service edge (SASE), only 15% have fully implemented this model while 32% have progressed towards implementation. There is cause for optimism though as 70% respondents are now working with a single SASE vendor, which may reduce complexity and help speed up deployment.
● Zero Trust network access is a long way behind, despite widespread recognition of its ability to protect hybrid or remote workers. Over half (57%) say that Zero Trust adoption is still in its early stages. 38% believe that a lack of understanding is the single biggest barrier to adoption.

“Organizations across the Middle East and Türkiye are managing an increasingly complex cybersecurity landscape, all while ensuring operational efficiency, regulatory compliance, and uninterrupted productivity. With incidents on the rise in both volume and frequency, this balancing act becomes even more challenging, leaving leaders with a sense of diminishing control over their organizations’ technological and security frameworks,” said Bashar Bashaireh, RVP Middle East and Türkiye at Cloudflare.

“This significant challenge requires innovative solutions capable of integrating diverse technological components into a cohesive and agile framework. The age of siloed legacy infrastructures is giving way to a new model of "any-to-any" cloud platforms, creating catalysts for innovation and growth. By concentrating on strategic integration, any-to-any cloud platforms empower leaders to securely transform technological challenges into competitive advantages. Adopting this approach will help shape a future where connectivity and innovation are at the heart of business success, opening the door to unlimited possibilities,” adds Bashaireh.

To find out more, please check out:
● Shielding the Future: Middle East & Türkiye Cyber Threat Landscape Report

Survey Methodology
This survey was conducted by Sandpiper Communications, on behalf of Cloudflare across a total of 991 leaders in Middle East & Türkiye responsible for cybersecurity in small (150 to 999 employees), medium (1,000 to 2,499 employees), and large (more than 2,500 employees) organizations. Respondents were drawn from a wide range of industries: Business & Professional Services; Construction & Real Estate; Education; Energy, Utilities & Natural Resources; Financial Services; Gaming; Government; Healthcare; IT & Technology; Manufacturing; Media & Telecoms; Retail; Transport; Travel and Tourism & Hospitality. Respondents were based in 3 markets across the Middle East and Türkiye: Kingdom of Saudi Arabia, United Arab Emirate, and Türkiye, and were surveyed online and recruited via general business panels. The survey was aimed at building a better understanding of the threat landscape facing Chief Information Security Officers (CISOs) and their teams across these three countries, unearthing valuable insights and trends, and gauging responses and outcomes. The survey was conducted in March 2024.

About Cloudflare
Cloudflare, Inc. (NYSE: NET) is the leading connectivity cloud company on a mission to help build a better Internet. It empowers organizations to make their employees, applications and networks faster and more secure everywhere, while reducing complexity and cost. Cloudflare’s connectivity cloud delivers the most full-featured, unified platform of cloud-native products and developer tools, so any organization can gain the control they need to work, develop, and accelerate their business.
Powered by one of the world’s largest and most interconnected networks, Cloudflare blocks billions of threats online for its customers every day. It is trusted by millions of organizations – from the largest brands to entrepreneurs and small businesses to nonprofits, humanitarian groups, and governments across the globe.
Learn more about Cloudflare’s connectivity cloud at cloudflare.com/connectivity-cloud. Learn more about the latest Internet trends and insights at radar.cloudflare.com.
Follow us: Blog | X | LinkedIn | Facebook | Instagram

Forward-Looking Statements
This press release contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended, which statements involve substantial risks and uncertainties. In some cases, you can identify forward-looking statements because they contain words such as “may,” “will,” “should,” “expect,” “explore,” “plan,” “anticipate,” “could,” “intend,” “target,” “project,” “contemplate,” “believe,” “estimate,” “predict,” “potential,” or “continue,” or the negative of these words, or other similar terms or expressions that concern Cloudflare’s expectations, strategy, plans, or intentions. However, not all forward-looking statements contain these identifying words. Forward-looking statements expressed or implied in this press release include, but are not limited to, statements regarding Cloudflare’s plans and objectives, Cloudflare’s global network, and Cloudflare’s products and technology, Cloudflare’s technological development, future operations, growth, initiatives, or strategies, future market risks and trends, and comments made by Cloudflare’s RVP Middle East and Türkiye, and others. Actual results could differ materially from those stated or implied in forward-looking statements due to a number of factors, including but not limited to, risks detailed in Cloudflare’s filings with the Securities and Exchange Commission (SEC), including Cloudflare’s Quarterly Report on Form 10-Q filed on August 1, 2024, as well as other filings that Cloudflare may make from time to time with the SEC.

The forward-looking statements made in this press release relate only to events as of the date on which the statements are made. Cloudflare undertakes no obligation to update any forward-looking statements made in this press release to reflect events or circumstances after the date of this press release or to reflect new information or the occurrence of unanticipated events, except as required by law. Cloudflare may not actually achieve the plans, intentions, or expectations disclosed in Cloudflare’s forward-looking statements, and you should not place undue reliance on Cloudflare’s forward-looking statements.

MENAFN03102024003749002651ID1108743368