infographic their organisation from cyberattacks – most originating from Wi-Fi access points as a result of a remote workforce ( 41 %), third-party and / or supply chain providers ( 39 %), IoT devices or networks ( 38 %) and cloud infrastructure or applications ( 36 %).
7 . Phishing was the most common attack method against organisations that were breached , accounting for 62 % of attack methods in the past year .
8 . Collectively , the estimated average value of UAE organisational losses – including direct and indirect financial losses as well as reputational harm and remediation expenses – resulting from those breached in the past year was roughly 8 million AED ( US $ 2.2 million ).
9 . UAE organisations used a variety of controls to protect their networked assets in on-premises , cloud-based and hybrid ( on-premises and cloud-based ) environments . The most prevalent are VPN / access controls ( 29 %) for onpremises ; DNS security ( 48 %) and cloud access security brokers , data encryption and secure provisioning and deprovisioning ( 44 % each ) for cloud-based environments .
10 . On average , most organisations ( 69 %) take up to 24 hours to investigate a threat , with many relying on third-party threat intelligence platforms or services .
11 . The DNS provides various security measures to protect organisations and is a key component in virtually all organisations ’ security strategies .
12 . The top anticipated challenges in protecting against attacks relate to the ability to monitor remote worker access ( 38 %), respond to alerts ( 31 %), shortage of IT security skills ( 30 %) and deal with limited budgets ( 35 %).
13 . 62 % of UAE organisations indicated their IT security budgets increased in 2022 and 72 % said they expected bigger security budgets in 2023 to combat known and new threats .
14 . The most popular planned technology purchases include network traffic monitoring / network detection and response ( NDR ) and threat intelligence ( 50 % each ) for hybrid environments ; data loss protection , cloud access security brokers ( CASBs ) and DNS security ( 39 % each ) for cloudbased systems ; secure provisioning and deprovisioning ( 27 %), VPN / access controls ( 25 %) and endpoint detection and response ( 24 %) for on-premises protection . u
www . intelligentciso . com
23