Tech Reports
The Top Digital Threats Facing Organizations in the Region
Top threats
- Of nearly 30,000 critical risk alerts identified by Help AG in 2023, the dominant threat categories were found to be Credential Theft (49%) and Brand Abuse (39%), while Data Leakage and Phishing represented 10% and 1.5% of use cases respectively.
- Cyberthreats majorly impacted the Education (36%), Aviation (29%), and Healthcare sectors (15%), which represented a combined 80% of targeted organizations in the GCC.
- Organizations in the Government (8%), Investment (7%), and Banking and Finance (4%) sectors followed, as transactions in these sectors became increasingly digitized.
- There was a 42% jump in Distributed Denial-of-Service (DDoS) attacks in 2023, with Help AG recording 213,434 attacks of this nature.
- The longest DDoS attack lasted for over 5 days, while the largest attack by bandwidth logged in at a record-breaking rate of 461.5 Gigabits per second (Gbps).
- 40% of DDoS attacks targeted the Government sector in 2023, followed by 29% for the Telecoms sector, 9% for Aviation, and 5% for Oil & Gas.
- The Financial and Telecoms sector experienced the largest DDoS attacks by volume, logging in at 461.5 Gbps and 302.2 Gbps, respectively.
- Trends in cybersecurity investment
- In 2023, cyber defense investments doubled amid the continuing digital transformation surge, with GCC enterprises and governments exhibiting growth in:
Cybersecurity Estate Consolidation: 100+% growth in technology and vendor relationships consolidation.
Managed Cyber Defense: Investment skyrockets due to the increasing complexity of the digital threat landscape.
Cybersecurity Advisory: 2x growth in investments due to the growing regulatory compliance requirements.
DDoS Protection: Complementing classic DDoS protection with adaptive solutions.
- Investments spanned preventative, detective, responsive, and predictive controls.
- Multi-factor authentication implementations rose by 16%, while patch management processes saw a 13% increase, highlighting critical efforts to thwart threat actors and maintain system integrity.
- Implementation of web application firewalls increased by 9%, and identity access management also grew by 9%, indicating a strengthening of web and identity security frameworks.
- Privileged access management saw a 10% increase, enhancing security for critical server access, and dedicated data activity monitoring rose by 15%, reflecting growing concerns over data privacy and protection.