Reports
2024 State of Security Report from HID: Mobile IDs, MFA and Sustainability Emerge as Top Trends
HID announces its 2024 State of the Security Industry Report, which gathered responses from 2,600 partners, end users, and security and IT personnel worldwide, across a range of job titles and organization sizes representing over 11 industries.
The 2024 State of Security Report delves into the underlying concerns driving upcoming innovations and the technologies that underpin them, helping security leaders to be proactive in adapting to evolving challenges. Conducted in the fall of 2023, this year’s survey reveals six themes, as follows:
- Mobile identity is expected to be ubiquitous in the next five years
Given the widespread use of mobile devices, momentum continues to build around their use in support of identity. Within the next five years, surveyed end users state that nearly 80% of organizations will deploy mobile IDs. Industry partners are even more optimistic in their outlook, stating that 94% of their customers will have deployed mobile IDs.
- Multi-Factor Authentication is widespread, despite slow but growing implementation of Zero Trust
More than 83% of end users respondents said their organization currently uses Multi-Factor Authentication (MFA), mainly due to the vulnerabilities of passwords. For many, this represents the first step on the longer journey toward Zero Trust, an approach to security that calls for organizations to maintain strict access controls and to never trust, always verify anyone – internal or external – by default. Zero Trust has been implemented in 16% of organizations with over 100,000 employees and 14% in those with up to 10,000 employees, according to the survey.
With MFA being widespread, the eventual end of passwords is imminent. The creation of new standards such as FIDO (Fast Identity Online), which uses “standard public key cryptography techniques to provide phishing-resistant authentication,” will pave the path to new and more secure authentication options that will be part of a more robust Zero Trust architecture.
- Sustainability becomes a growing driver in business decisions
Among HID’s survey respondents, sustainability continues to rank high as a business priority, with both end users and partners rating its importance at a “4” on a 1-to-5 scale. Additionally, 74% of end users indicate the importance of sustainability has grown over the past year, and 80% of partners reported the trend growing in importance among their customers.
As such, there will likely be a continued emphasis on solutions that minimize energy use, reduce waste, and optimize resource usage. A shift to cloud-based solutions and increased use of mobile devices are two clear strategies to reach these sustainability goals.
- Biometrics continues its impressive momentum
In this year’s survey, 39% of installers and integrators said their customers are using fingerprint or palm print, and 30% said they’re using facial recognition. The momentum continues to build as 8% plan to test or implement some form of biometrics in the next year and 12% plan to do so in the next three to five years.
- Identity management points up to the cloud
Nearly half of end users are moving to cloud-based identity management, with 24% already using it and another 24% in the process of implementing such systems. Industry partners say their customers face several hurdles here, including existing reliance on legacy/on-prem equipment (28%), lack of budget (24%), and cloud-based identities simply not being a business priority (21%).
- The rise of artificial intelligence for analytics use cases
Conversations about AI have come to dominate the business landscape, and many security professionals see AI’s analytic capabilities as the low-hanging fruit to enhance identity management. Rather than looking to AI to inform the entirety of the security system, it’s possible to leverage data analytics as a way to operationalize AI in support of immediate outcomes. In this scenario, 35% of end users reported they will be testing or implementing some AI capability in the next three to five years, with 15% already using AI-enabled biometrics.
Reports
Understanding the Risks of Deploying Artificial Intelligence: Key Insights from Arthur D. Little
As the digital landscape in the Middle East rapidly evolves, the challenges and essential safeguards needed for the ethical and effective integration of AI technologies in businesses are becoming increasingly critical.
The accelerated development and adoption of AI, particularly generative AI models like ChatGPT have brought significant benefits. However, the potential risks associated with these technologies cannot be overlooked. There is a pressing need for businesses to adopt proactive risk management strategies to address these risks effectively.
Generative AI Biases and Ethical Standards
Generative AI models are known to perpetuate biases inherent in their training data. These biases can reinforce stereotypes and underrepresent minority views across various dimensions, including:
- Temporal Biases: AI models may generate content that reflects outdated trends and viewpoints.
- Linguistic Biases: Predominantly English training data can lead to poor performance in other languages.
- Confirmation Biases: AI models may confirm their parametric memory even when faced with contradictory evidence.
- Demographic Biases: Biases towards specific genders, races, or social groups, such as generating images of flight attendants predominantly as white women.
- Cultural Biases: AI models can exacerbate existing cultural prejudices.
- Ideological and Political Biases: AI can propagate specific political and ideological views from its training data.
Hallucinations and Model Limitations
AI models occasionally produce false information, known as hallucinations, which can include:
- Knowledge-based Hallucinations: Incorrect factual information.
- Arithmetic Hallucinations: Incorrect calculations.
For example, Bard, an AI chatbot by Google, generated erroneous accusations about consulting firms in November 2023, illustrating the variability in hallucination rates among models.
Deepfakes and Cybersecurity Threats
The sophistication of AI technology has escalated the risks associated with deepfakes and cybersecurity. The ease of creating deepfakes and manipulating opinions with AI-generated content poses significant threats to societal stability. The surge in deepfake incidents and the enhanced credibility of phishing attacks due to AI highlight the urgent need for robust safeguards.
Proactive Risk Management
Businesses in the Middle East must adopt a proactive approach to AI risk management. Key recommendations include:
- Understanding Strategic Stakes: Identifying specific challenges and strategic stakes of AI implementation.
- Conducting Risk Assessments: Integrating thorough risk assessments as part of the initial opportunity landscape.
- Establishing AI Ethics Codes: Implementing clear AI ethics codes and cross-checking AI outputs.
- Upskilling Workforce: Training employees and leaders to understand and manage AI technologies.
- Addressing Trust and Cultural Issues: Facilitating smooth AI adoption by addressing employee trust and cultural issues.
Expert Insights
Dr. Albert Meige, Associate Director of the Technology & Innovation Management Practice at Arthur D. Little, emphasizes the importance of vigilance in AI deployment: “Generative AI holds immense potential, but we must be vigilant about its risks. It’s crucial that businesses in the Middle East adopt comprehensive risk management strategies to ensure that AI integration is both ethical and effective.”
Thomas Kuruvilla, Managing Partner at Arthur D. Little, Middle East, adds, “The Middle East is at the forefront of AI innovation, and with this leadership comes the responsibility to navigate the complexities of AI safely. Businesses need to harness AI’s power while mitigating its risks.”
Navigating the complexities of AI integration is essential for businesses aiming to enhance productivity and innovation without compromising ethical standards and public trust. By adopting recommended guidelines, businesses can effectively manage AI risks and harness its potential for sustainable growth and development.
Reports
Fortinet Annual Skills Gap Report Reveals Growing Connection Between Security Breaches and Skills Shortages
Fortinet recently released its 2024 Global Cybersecurity Skills Gap Report, which highlights ongoing challenges related to the cybersecurity skills shortage impacting organizations around the globe. The study also included large organizations from the UAE.
“The findings from our 2024 Cybersecurity Skills Gap Report highlight a critical issue facing organizations in the United Arab Emirates,” says Alain Penel, VP – Middle East, Turkey and CIS, at Fortinet. “Close to 58% of IT decision-makers cited the lack of training and upskilling opportunities as being their biggest challenge. This underscores the urgent need for enhanced cybersecurity training and certification programs, as 94% of our respondents said they were ready to pay to get their employees cybersecurity certified. It is also encouraging to see that 92% of IT decision-makers actively women into security roles, while 74% had plans to introduce diversity goals over the next 2-3 years. Fortinet is committed to supporting organizations to build a resilient cybersecurity posture by providing comprehensive training and certification programs through our pledge to train 1 million people in cyber by 2026. We aim to empower professionals with the necessary skills to protect against evolving cyber threats and secure their organizations effectively.”
Key findings from the global report include:
- Organizations are increasingly attributing breaches to the cyber skills gap.
- Breaches continue to have significant repercussions for businesses, and executive leaders are often penalized when they happen.
- Certifications continue to be highly regarded by employers as a validator of current cybersecurity skills and knowledge.
- Numerous opportunities remain for hiring from diverse talent pools to help address the skills shortage.
The Cyber Skills Gap Continues to Impact Companies Worldwide
An estimated 4 million professionals are needed to fill the growing cybersecurity workforce gap. At the same time, Fortinet’s 2024 Global Cybersecurity Skills Gap Report found that 70% of organizations indicated that the cybersecurity skills shortage creates additional risks for their organizations. Other findings that highlight the impact of the growing skills gap on companies worldwide include:
- Organizations are attributing more breaches to a lack of cyber skills. In the past year, nearly 90% of organizational leaders (87%) said they experienced a breach that they can partially attribute to a lack of cyber skills, up from 84% in the 2023 report and 80% the year prior.
- Breaches have a more substantial impact on businesses. Breaches have a variety of repercussions, ranging from financial to reputational challenges. This year’s survey reveals that corporate leaders are increasingly held accountable for cyber incidents, with 51% of respondents noting that directors or executives have faced fines, jail time, loss of position, or loss of employment following a cyberattack. Additionally, more than 50% of respondents indicate that breaches cost their organizations more than $1 million in lost revenue, fines, and other expenses last year—up from 48% in the 2023 report and 38% from the previous year.
- Boards of directors view cybersecurity as a business imperative. As a result, executives and boards of directors increasingly prioritize cybersecurity, with 72% of respondents saying their boards were more focused on security in 2023 than the previous year. And 97% of respondents say their board sees cybersecurity as a business priority.
Hiring Managers Value Continued Learning and Certifications
Business leaders widely regard certifications as validation of cybersecurity knowledge. This year’s survey also found that:
- Candidates with certifications stand out. More than 90% of respondents said they prefer hiring candidates with certifications.
- Leaders believe that certifications improve security posture. Respondents place such high value on certifications that 89% said they would pay for an employee to obtain a cybersecurity certification.
- Finding candidates who hold certifications isn’t easy. More than 70% of respondents indicated that it is difficult to find candidates with technology-focused certifications.
Companies Are Expanding Hiring Criteria to Fill Open Roles
As the cyber workforce shortage persists, some organizations diversify their recruitment pools to include candidates whose credentials fall outside traditional backgrounds—such as a four-year degree in cybersecurity or a related field—to attract new talent and fill open roles. The report also found that:
Organizations continue to have programs dedicated to recruiting from a diversified talent pool. Eighty-three percent of respondents said their organizations have set diversity hiring goals for the next few years, in line with last year’s report but slightly down from 89% in 2021.
- Diversity hiring varies from year to year. Despite ongoing recruitment targets, female hires are down to 85% from 89% in 2022 and 88% in 2021; hires from minority groups remain unchanged at 68% and up slightly from 67% in 2021; and veteran hires are up slightly to 49% from 47% in 2022, but down from 53% in 2021.
- While many hiring managers value certifications, some organizations still prefer candidates with traditional backgrounds. Despite many respondents saying they value certifications, 71% of organizations still require four-year degrees, and 66% hire only candidates with traditional training backgrounds.
Organizations Are Taking a Three-Pronged Approach to Building Cyber Resiliency
The increasing frequency of costly cyberattacks, combined with the potential of severe personal consequences for board members and directors, is resulting in an urgent push to strengthen cyber defenses across enterprises. As a result, organizations are focusing on a three-pronged approach to cybersecurity that combines training, awareness, and technology:
- Help IT and security teams obtain vital security skills by investing in training and certifications to achieve this goal.
- Cultivate a cyber-aware frontline staff who can contribute to a more secure organization as a first line of defense.
- Use effective security solutions to ensure a strong security posture.
Reports
85% of Companies in the GCC Rank Innovation as a Top Priority, Yet Face Significant Readiness Challenges
Companies in the Gulf Cooperation Council (GCC) prioritize innovation more than ever—with 85% of senior executives in the region ranking it among their organizations’ top priorities, slightly above the global average. This strong commitment to innovation reflects the region’s ambition to lead the global knowledge economy. A new report released by Boston Consulting Group (BCG) highlights this positive trend while noting opportunities for GCC firms to enhance their innovation readiness.
For its annual innovation study, Innovation Systems Need a Reboot, BCG assessed companies’ innovation maturity and surveyed senior innovation executives worldwide, including those in the GCC region.
While innovation continues to demonstrate value, the study shows that innovation systems globally need a reboot. Innovation priority remains at an all-time high, with 83% of global companies ranking it as a top-three priority. However, innovation readiness has sharply declined worldwide, from 20% two years ago to 9% last year and just 3% this year globally. This global trend is even more pronounced in the GCC, where firms exhibit even lower innovation readiness than the global average. The study reveals that while GCC organizations prioritize innovation at a higher level than their global counterparts, they face greater challenges in translating that ambition into readiness. This aligns with global patterns where companies across various regions are struggling to match their innovation priorities with practical readiness, though the gap appears more significant in the GCC.
“We are seeing GCC organizations prioritize innovation, with 85% of executives ranking it highly. However, converting this ambition into readiness remains a challenge,” said Faisal Hamady, Managing Director and Partner at BCG. “To close this gap, it is crucial to strengthen the link between innovation and business strategy. Organizations must benchmark processes, align them with strategic goals, and leverage Generative AI while addressing talent constraints and rising capital costs.”
Talent Challenges in a Changing Landscape
When GCC business leaders were asked to rank the challenges facing their innovation teams, talent pool constraints emerged as one of the top concerns, alongside the rising cost of capital.
“The GCC is in flux when it comes to attracting top talent,” noted Thibault Werle Managing Director and Partner at BCG “While Dubai, Abu Dhabi, and Riyadh have all ranked highly as cities of choice for global talent, the region is still in the nascent stages of building its talent pool. However, as we’ve seen with many initiatives in the GCC, if you build it, they will come. The rapid development of innovation ecosystems in these cities will likely accelerate talent attraction in the coming years.”
The study also highlighted the need for a broader ecosystem approach to innovation in the GCC, recognizing the crucial role of public sector leaders and national strategies in driving innovation alongside corporate efforts.
Generative AI Adoption on the Rise
The study found that 84% of GCC firms are starting to use Generative AI (GenAI) to drive innovation, reflecting the region’s embrace of cutting-edge technologies. However, as with global trends, most organizations are still in the early stages of GenAI adoption.
“GenAI presents a significant opportunity for GCC innovators to boost efficiency and bring fresh perspectives to their organizations,” said Managing Director and Partner, Faisal Hamady. “As the region continues to invest in digital transformation and AI capabilities, we expect to see more widespread and sophisticated use of GenAI in innovation processes.”
Six Key Recommendations for Linking Innovation with Business Strategy
Practical foresight in strategy is crucial for GCC companies to succeed. Companies can position themselves at the forefront of their industries by being proactive, anticipating future trends, and aligning innovation efforts with strategic goals. To improve innovation readiness and link innovation with business strategy, BCG recommends focusing on six key elements.:
- Executive ownership: Ensure innovation is championed by the CEO or other prominent members of the C-suite.
- Clear sense of purpose: Develop a shared story on the purpose of innovation and how it supports the company’s strategy.
- Focus on competitive advantage: Explicitly focus on opportunities where the organization has an explicit right to win.
- Specified domains: Center the innovation portfolio on areas that support the overall strategy.
- Target portfolio structure: Create a vision for how resources should be deployed across the innovation portfolio.
- Quantified objectives: Establish a fact-based perspective on how innovation contributes to financial goals.
Looking Ahead
As GCC economies diversify towards knowledge-based sectors, strategic innovation becomes crucial. By addressing current challenges and aligning innovation with business strategy, GCC companies can compete globally and drive regional economic growth. Leveraging emerging technologies like GenAI while maintaining a clear strategic vision will be instrumental. To close the readiness gap, leaders in the GCC need to sharpen the link between innovation and strategy while leveraging AI. Additionally, putting in an outsized effort to address talent constraints and funding challenges, especially in light of rising capital costs, will be critical. This approach will improve innovation readiness, enhance talent attraction, and accelerate technological advancement, positioning the GCC as a global innovation hub.
-
Tech News3 months ago
Denodo Bolsters Executive Team by Hiring Christophe Culine as its Chief Revenue Officer
-
Tech Interviews7 months ago
Navigating the Cybersecurity Landscape in Hybrid Work Environments
-
Tech News7 months ago
Brighton College Abu Dhabi and Brighton College Al Ain Donate 954 IT Devices in Support of ‘Donate Your Own Device’ Campaign
-
Features4 months ago
Security in the Cloud Age: Combating Risks with Hybrid Cloud Solutions
-
Tech Features4 months ago
The Middle East to Lead with Next-generation Mission Critical Communication Advancement
-
Automotive7 months ago
Al-Futtaim Automotive Builds On 23-Year Legacy of Trust & Leadership in UAE’s Pre-Owned Car Market to Sell Over 25,000 Used Vehicles in 2023
-
Tech News10 months ago
Senet enters MENA’s Competitive Gaming Scene with ‘skill-to-earn’ Platform
-
Tech Features8 months ago
How Telecommunications Providers Can Best Tackle DDoS Attacks