STRENGTHENING CYBERSECURITY WITHOUT COMPLEXITY

Exclusive interview with Rabih Itani, Regional Director, Middle East and Africa, WatchGuard Technologies

SMEs across the region often struggle to balance cybersecurity investment with operational costs and complexity. What practical steps can smaller businesses take today to strengthen cyber resilience without overwhelming their internal IT resources?

Cybersecurity does not need to be complex to be effective for SMEs. The priority should be implementing a small number of high-impact security controls that significantly reduce risks. These include enabling multi-factor authentication (MFA), maintaining a disciplined patch management process, deploying endpoint protection, securing emails and DNS traffic, and investing in regular employee awareness training to combat phishing and credential misuse.

The urgency is clear. Our recent H2 2025 Internet Security Report revealed that 96 per cent of blocked malware was delivered through encrypted TLS connections, while 23 per cent of threats evaded traditional signature-based detection methods. At the same time, cloud adoption has expanded the attack surface, introducing risks associated with shadow IT, risky SaaS configurations, and compromised identities.

However, SMEs do not need to tackle these challenges alone. According to our 2026 global MSP survey, nearly half of organisations already rely on external providers to augment internal IT teams, while more than half cite 24/7 monitoring as a capability they cannot deliver in-house. WatchGuard’s Unified Security Platform was designed to support this model, delivering integrated protection across network, endpoint, identity, and cloud environments through a simplified, scalable approach. Partnering with a trusted MSP gives SMEs access to managed detection and response, continuous monitoring, and threat intelligence at scale.

Why are ransomware, phishing, and identity-based attacks increasingly becoming board-level business risks rather than just IT concerns?

Cybersecurity has evolved from an IT issue into a business-critical risk because the consequences of a successful attack extend far beyond technology systems. Ransomware, phishing, and identity-based attacks can disrupt operations, expose sensitive data, damage brand reputation, impact customer trust, and trigger regulatory scrutiny, all of which have direct financial and strategic implications.

This shift is reflected in boardroom priorities. Our 2026 MSP survey found that 75 per cent of organisations expect cybersecurity spending to increase over the next two years, while 67 per cent require additional support managing compliance obligations. Security is now firmly embedded in broader business planning and risk management discussions.

The threat landscape reinforces this reality. The survey revealed that 33 per cent of organisations experienced malware infiltration in the past year, 32 per cent suffered phishing or business email compromise attacks, and 29 per cent reported data breaches or unauthorised access incidents. Nearly 75 per cent experienced at least one cybersecurity incident overall. In February 2026, the UAE Cybersecurity Council highlighted increasing attacks targeting critical infrastructure, including ransomware, network infiltration, and AI-enabled offensive tools.

Our H2 2025 Internet Security Report further documented a 1,548 per cent increase in unique malware during Q4 2025, alongside nearly 2,600 public ransomware extortion incidents in a single quarter. Considering this, cybersecurity can no longer be considered a technical concern. Boards require visibility into organisational risk, resilience, and response readiness to protect business continuity and long-term growth.

Many businesses still operate with fragmented security environments built around multiple standalone tools. Why do you believe unified cybersecurity platforms are becoming increasingly important for organizations looking to simplify security operations while improving visibility and protection?

Currently, complexity is one of the greatest challenges facing cybersecurity teams. Organisations relying on multiple disconnected tools often struggle with fragmented security environments, inconsistent policy enforcement, and slower incident response times. Security teams are forced to correlate alerts across different dashboards, slowing response and increasing the risk of missed threats.

Modern cyberattacks do not target a single environment. It moves across endpoints, identities, networks, and cloud applications simultaneously, which requires an integrated approach to detection and response. Our Unified Security Platform combines network security, endpoint protection, identity management, cloud visibility, and threat intelligence into a single coordinated ecosystem. Solutions such as our CloudDR further enhance visibility by identifying shadow IT, detecting identity threats, and automatically remediating misconfigurations.

Market demands reflect this transition. Our 2026 MSP survey found that organisations are prioritising faster incident response (38 per cent), better communication and greater transparency (31 per cent), AI-driven threat detection (44 per cent), and stronger identity and access security capabilities (35 per cent). Meanwhile, 58 per cent expect to switch providers within three years, citing rising costs without added value (39 per cent), a major security incident (39 per cent), and slow response times (36 per cent) as the primary triggers. A unified platform helps address these challenges by reducing operational complexity while improving both security effectiveness and customer experience.

Having worked across the technological ecosystem as an end user, integrator, and provider, how have you seen cybersecurity conversations evolve over the past decade, and what do you believe organizations across the region are still underestimating today?

Cybersecurity conversations have changed significantly over the past decade. Organisations have moved beyond a traditional focus on perimeter security and compliance checklists toward a broader emphasis on cyber resilience, identity protection, cloud security, and business continuity.

One of the most encouraging developments has been the evolution of the customer-provider relationship. In our recent 2026 MSP survey, we found that nearly half of organisations now view their MSP as either a strategic advisor (24 per cent) or a proactive partner (23 per cent), rather than simply a technology supplier. Businesses increasingly expect guidance, expertise, and measurable outcomes, not just products.

However, numerous organisations still underestimate the operational side of cybersecurity. While investments in technologies continue to grow, areas such as identity governance, employee training and awareness, incident response planning, and policy enforcement often receive less attention. Across the Middle East region, we can see a robust commitment from leadership teams to strengthen cybersecurity, but execution gaps remain, particularly in cloud security and identity management.

As cyber threats continue evolving, what are some of the most common mistakes businesses still make when approaching cybersecurity strategies today?

One of the most common mistakes organisations make is viewing cybersecurity as a collection of tools rather than an ongoing operational strategy. Many businesses invest heavily in multiple security solutions but lack the resources, expertise, or processes required to manage them effectively. The result is often alert fatigue, fragmented visibility, and slower incident response. This is where dedicated MSPs play a major role. The data is compelling. Around 94 per cent of organisations using a dedicated MSP or MSSP report confidence in their protection against emerging threats, compared to just 83 per cent of those relying on consulting or professional services firms.

Another persistent challenge is underestimating identity-based risk. Today’s attackers increasingly prefer to exploit stolen credentials and over-privileged identities rather than breach networks directly. Our H2 2025 Threat Report highlights the growing prevalence of identity-focused attack techniques, underscoring the need for stronger access controls, continuous monitoring, and proactive detection capabilities.

Currently, organisations continue to underestimate the human element of cybersecurity. Our 2026 MSP survey found that 37 per cent of businesses want more cybersecurity awareness training, while 31 per cent seek greater communication and transparency from their security providers. Technology alone cannot deliver resilience; people and processes remain equally important.

Ultimately, resilient organisations are those that take a holistic approach, combining strong identity security, MFA, endpoint protection, employee awareness and training, and tested incident response plans within a single, continuously managed cybersecurity strategy.