Security professionals around the world agree that climate change will become one of the top security-impacting hazards over the next 12 months.
The findings are part of the first-ever World Security Report that surveyed over 1700 chief security officers (CSOs), or those in equivalent roles, from large, global companies in 30 countries.
According to the survey, 38 percent of the respondents believe climate change will be the second most likely security-impacting hazard. Interestingly, 34 percent agreed their company has already experienced a security hazard because of climate change.
Threat landscape
Leading the list of emerging threats was economic unrest, cited by nearly half (47 percent) of the respondents.
“Nations around the globe face multiple, significant economic pressures, including rising inflation and cost of living challenges, exacerbated by the first European war in a generation. These issues come on the heels of sizable economic shocks following the COVID-19 pandemic,” the report reasons.
Read: Gartner’s 9 cybersecurity trends for 2023
A third of the respondents believe they’ll witness an increase in threats from disruption of energy supplies in the next year. This is closely followed by the threat from war and political instability with 32 percent of the respondents expecting this to become a factor.
Safe haven
Interestingly, the survey finds that companies in the Middle East were much safer than their global peers.
Security-impacting hazards were experienced by 75 percent of companies over the last year, which is below the world average.
Economic unrest was the leading cause of concern (38 percent) for Middle East companies, much like it was for the rest of the world. It was followed by climate change, which at 36 percent was slightly above the global average.
Another positive was that companies in the Middle East suffered fewer internal threats than the global average. The most common internal incident over the last 12 months was the misuse of company resources or data (35 percent), closely followed by leaking sensitive information (34 percent).
External threats were lower than the world average too. The most common was fraud (22 percent), followed by phishing and social engineering (20 percent).
Read: Cybersecurity and C-Suite majority not seeing eye to eye
Looking forward however, 91 percent of the respondents from the region expect the impact of hazards to increase significantly.
However, while leaking sensitive information is expected to continue to be the biggest internal threat, misuse of company resources or data is expected to decline in the next year.
External threats are expected to jump in the next year as well, with 87 percent of respondents anticipating they will experience one, with fraud noted by 25 percent of respondents as the biggest potential threat.
Room for improvement
Despite the increase in threats, companies in the region aren’t prepared to take the bull by the horn.
While over half the respondents from the Middle East said security budget priorities will be focused on introducing new technology (59 percent) and training staff (52 percent), cutting-edge or emerging security technologies were only used by 32 percent of companies in the region.
Almost half (42 percent) of the companies in the region continue to use basic or minimal technology, which is the highest of any region. This suggests the Middle East is behind the curve in technology uptake, according to the report.
No wonder then that despite the anticipated increase in threats, less than half (47 percent) expect to invest in emerging or cutting-edge technology over the next 12 months.
Read: Cybersecurity talent shortage a major concern for CISOs in UAE, Saudi
While the report doesn’t break-up the Middle Eastern stats, it’s safe to assume that some countries in the region are better prepared to tackle the threat.
The UAE, for instance, established the UAE Cybersecurity Council in 2020. It also earmarks a sizable budget towards cybersecurity initiatives. Similarly, Saudi Arabia has the National Cybersecurity Authority that develops and issues cybersecurity-related frameworks and guidelines.
For more tech news, click here.
