A new study has revealed that only four percent of business leaders in the Middle East and Africa region are confident in their organization’s ability to manage cyber risks.
The study, "The Middle East and Africa State of Cyber Resilience", published by Marsh in partnership with Microsoft Corporation questioned over 660 regional and global cyber risk decision makers.
Asharq Al-Awsat obtained a copy of the study that analyzed how cyber risk is viewed by various functions and executives in leading organizations, including cybersecurity and IT, risk management and insurance, finance, and executive leadership.
It showed that confidence in their organization’s core cyber risk management capabilities – including the ability to assess cyber threats, mitigate or prevent cyber-attacks, and manage and respond to cyber-attacks – remains a major concern for the region’s business leaders.
Over three quarters (7%) in the MEA region have no confidence in their own organization’s cyber resilience.
Other findings state that the majority of organizations are still struggling to understand the risks posed by their vendors and digital supply chains as part of their cybersecurity strategies.
About 60% of respondents stated that they have not conducted a risk assessment of their vendors or supply chains.
Also, a third (37%) of organizations admitted to not having any kind of cyber insurance in place even though it is a key element in managing cyber risk.
More than half (54%) of the those organizations who had procured insurance acknowledged that doing so was accepted best practice within their business sector and had helped them adopt a more stringent and resilient approach to cyber risks.
Three quarters (75%) recognized that insurance was an important part of any cyber risk management strategy.
"It’s not about if an organization will get attacked, it’s rather a matter of when, which makes it all the more surprising that organizations continue to take a soloed approach rather than looking at the risk from an enterprise-wide perspective," opined Christos Adamantiadis, CEO of Marsh Middle East and Africa.
Simon Bell, cyber and financial and professional lines leader, Marsh MENA said: "Cyber risks are pervasive across most organizations."
"Successfully countering cyber threats needs to be an enterprise-wide goal, aimed at building cyber resilience across the firm, rather than singular investments in incident prevention or cyber defense," he added.