Tenable, Inc. has published results of a study that found 86% of Saudi organisations suffered a business impacting cyberattack attributed to vulnerabilities in technology put in place during the pandemic. The data is drawn from ‘Beyond Boundaries: The Future of Cybersecurity in the New World of Work,’ a commissioned study of more than 1,300 security leaders, business executives and remote employees, including 104 in The Kingdom of Saudi Arabia, conducted by Forrester Consulting on behalf of Tenable.
The pandemic accelerated remote work for many Saudi organisations. In fact, 91% of organisations now have remote employees, up from just 34% in early 2020. Moving forward, the vast majority of organisations (91%) plan to adopt this remote working model permanently.
To facilitate the new world of work, cloud adoption has surged. 77% of Saudi organisations have moved business-critical functions to the cloud — including human resources (80%) and accounting and finance (60%).
However, this change to working practices has increased organisations’ risks. By their own admission, 63% of Saudi organisations are prepared to support new workforce strategies from a security standpoint, while 67% believe moving business-critical functions to the cloud exposes the organisation to increased cyber risk.
When looking at the impact of this increased risk, threat actors are taking advantage. 98% of organisations experienced a business-impacting cyberattack in the last 12 months, with 33% falling victim to five or more. 57% of Saudi organisations said these attacks targeted remote employees.
“Remote and hybrid work strategies are here to stay and so will the risks they introduce unless organisations get a handle on what their new attack surface looks like,” said Amit Yoran, CEO, Tenable. “This study reveals two paths forward — one riddled with unmanaged risk and unrelenting cyberattacks and another that accelerates business productivity and operations in a secure way. CISOs and CEOs have the opportunity and responsibility to securely harness the power of technology and manage cyber risk for the new world of work.”
IT and security teams are quickly rolling out tools for connectivity, collaboration and productivity, while also moving business-critical data to the cloud to support a remote and hybrid working environment. Organisations must reevaluate their approach to maintaining security, aligned to the business, in order to effectively reduce the risks introduced.
“The pandemic has seen the corporate perimeter shattered,” said Maher Jadallah, Senior Director Middle East & North Africa, Tenable. “Cloud adoption and remote working practices were being cautiously adopted in Saudi, but in the last 18 months this transition has exponentially accelerated. Attackers have seized on the opportunity, as this study reveals, which means understanding what poses a risk to the business and managing that risk effectively is imperative.”
Further results from the study, including how organisations can manage risk in the new world of work, are available.