The report, The Middle East & Africa State of Cyber Resilience, questioned over 660 regional and global cyber risk decision makers and analyses how cyber risk is viewed by various functions and executives in leading organizations, including cybersecurity and IT, risk management and insurance, finance, and executive leadership.
According to the report, confidence in their organization’s core cyber risk management capabilities – including the ability to understand/assess cyber threats, mitigate/prevent cyber-attacks, and manage/respond to cyber-attacks – remains a major concern for the region’s business leaders. Over three quarters (76%) in the Middle East & Africa having no confidence in their own organization’s cyber resilience.
Other findings include:
The majority of organizations are still struggling to understand the risks posed by their vendors and digital supply chains as part of their cybersecurity strategies. 60% of respondents stated that they have not conducted a risk assessment of their vendors or supply chains.
A third (37%) of organizations admitted to not having any kind of cyber insurance in place even though it is a key element in managing cyber risk. -
More than half (54%) of the those organizations who had procured insurance acknowledged that doing so was accepted best practice within their business sector and had helped them adopt a more stringent and resilient approach to cyber risks.
Three quarters (75%) recognised that insurance was an important part of any cyber risk management strategy.