Survey reveals Middle East organizations don’t see cybersecurity as a priority

Despite high profile cyberattacks, almost half of the IT decision makers at 250+ employee organizations in the Middle East believe that cybersecurity is still not a significant priority for board members. That’s according to Fortinet’s latest Global Enterprise Security Survey, which highlighted that 47% of IT decision makers believe that IT security is still not a top priority discussion for the board.

It’s an alarming statistic to report about, given that malware and ransomware attacks have been growing steadily in the past year alone. As companies integrate more cloud services into their infrastructure, the security requirements need to change as well, allowing for more cloud services to communicate with local networks in a secure manner.

Speaking to Techradar at GITEX Technology Week, Kalle Björn, Director, Systems Engineering – Middle East at Fortinet says that with the growing number of IoT devices being brought into the corporate environment, companies need to look at ways to keep these devices away from core enterprise systems.

“A lot of IoT devices integrate with a network via WiFi, and we’ve got protocols in our portfolio that can help secure a wireless network and identify devices communicating with the network. A lot of times you’ll have corporate devices on the network that you’re managing anyway, but users may bring in other foreign devices that you need to monitor and isolate from your corporate network.”

‘…a few years ago, it would have been relatively easy to differentiate between a legitimate email and a phishing email.’

Kalle Björn, Fortinet

Expanding about common security threats in the region, Björn commented that ransomware was still greatly affecting local companies, and that users should be more vigilant about files that were sent to them. “There’s a lot that companies can do to secure themselves such as security patches and making sure you have advanced threat protections on your network, but even with these in place, what’s often missing is a policy for what to do if and when your network does get compromised. It’s important to know that when an attack occurs and say an encryption takes place, that there are backups available, and further measures in place to ensure that the attack doesn’t spread further.”

“If you look at phishing emails a few years ago, it would have been relatively easy to differentiate between a legitimate email and a phishing email. But now they are getting more and more advanced, so users are having a harder time figuring out when it is a hoax. Users need to be educated about the risks of opening files from unknown sources, or they will inevitably face the consequences.”

FortiGuard is Fortinet’s core solution to enterprise security threats, and forms the basis of most of their products. Customers who opt-in to provide feedback on detected threats helps Fortinet to update their signatures and also monitor security trends. An internal research team further pores over the data, and is distributed back into the FortiGuard network to be updated accordingly.

“We’ve actually begun to cooperate with a lot of different entities – we’re one of the founding members of the Cyberthreat Alliance, which is a group of large vendors such as McAfee, Symantec, etc., and the objective is to share information. So there’s tens of thousands of events that we’re sending out and receiving from everyone else on a daily basis,” said Björn.

Keep up-to-date with all the latest news and announcements coming out of GITEX Technology Week 2017 with TechRadar.