Gartner Blog Network

The Middle East cannot continue to throw money at Cybersecurity!

by Sam Olyaei  |  July 25, 2017  |  Submit a Comment

The Middle East is at a crossroads in cybersecurity practices.

Home to more than half of the world’s natural gas and oil reserves, coupled with future megaevents such as Expo 2020 and 2022 FIFA World Cup, the Middle East is a magnet for high-profile cyberattacks (state-sponsored and others). At the same, expectations from governments that are embarking on digital business transformation are increasing. Check-box compliance is no longer (and never was) the solution to managing risk. NESA,ADSIC,SAMA are regulatory agencies that provide a baseline of controls for your information security program, not a mechanism for managing risk. Similarly, technology investments to be augmented with a combination of agile people, repeatable process– and most importantly a realistic security strategy plan that takes into account the preceding factors.

Additionally, per my past research on “Survey Analysis: The Security and Risk Management Leader’s Guide to the Digital Ecosystem”, CIOs in the region see talent (especially in security and risk) as significant barriers to achieving their objectives. A reset of focus is required and alternative practices need to be adopted in cybersecurity talent management.  The Middle East is poised to be in a position to pump out the future generation of cybersecurity leaders through its urban adoption of emerging technologies that continue to shape up the future of cybersecurity. But money isn’t the solution. Commitment, persistence, and a digital collaboration platform is your ticket to the future (more research on this is planned at a later date).

For those who have access to Gartner, I present a deeper analysis of the challenges and set of recommendations for SRM leaders in my most recent contexts below:

Middle East Context: ‘Adapt Your Traditional Staffing Practices for Cybersecurity’

Middle East Context: ‘Managing Risk and Security at the Speed of Digital Business’

Additional Resources

Five Board Questions That Security and Risk Leaders Must Be Prepared to Answer

As board members realize how critical security and risk management is, they are asking leaders more complex and nuanced questions. This research helps security and risk management leaders decipher five categories of questions they must be prepared to answer at any board or executive meeting.

Read Free Gartner Research

Category: security  security-of-applications-and-data  

Tags: cybersecurity  digital-business  digital-ecosystem  digital-security  gcc  information-security  middle-east  risk-management  security  security-talent  talent  

Sam Olyaei
Sr. Research Analyst
4 years at Gartner
6 years IT Industry

Sam Olyaei is a Sr Research Analyst in Gartner Research, where he is part of the Risk and Security Management group. His primary research efforts are geared toward advising clients on issues related to their information security and risk management program such as security maturity, security policy, security budget, and high-level security strategy/governance principles. Read Full Bio

Leave a Reply

Your email address will not be published. Required fields are marked *

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.