A report on 'The Future of Cloud Security in the Middle East' highlights the importance of sovereign cloud, hybrid cloud, and talent as key challenges and trends facing organisations in the region.
The report was launched by His Excellency Dr Mohamed Al-Kuwaiti, Head of Cybersecurity for the UAE Government at the Cybersecurity Innovation Series (CSIS) event held at The Meydan Hotel in Dubai.
The report is endorsed by the Cyber Security Council and OIC-CERT. Dr Al-Kuwaiti is also the co-chair of the OIC-CERT Cloud Security Working Group.
The results of the survey were analysed and discussed at roundtable events in Dubai and Abu Dhabi in the United Arab Emirates, sponsored by Huawei, with expert speakers and an invited, select audience of leading cloud security professionals.
Speaking at the launch of the report, HE Dr Al-Kuwaiti highlighted the leading role that the UAE is playing in fighting cyber crime.
“It is important to understand that cloud security is cyber security,” HE Dr Al-Kuwaiti said. “Organisations were quick to move to the cloud as part of their digital transformations, accelerated by the COVID-19 pandemic, but this increased reliance on cloud also brought with it increased risk.
“Some companies may not have been fully prepared, or may now be struggling to attract the talent they need to cope with the cyber security challenge.”
Sovereign cloud and talent are top security priorities
The key findings of the research report are:
- Sovereign cloud is trending due to rapid de-globalisation and new barriers of entry as a result of geopolitical tensions.
- Hybrid cloud is featured prominently, driven by rapid digital transformation needs.
- Cybersecurity is the key concern when choosing a cloud provider.
- Cloud computing adoption driven by a cloud-first strategy is gaining traction fast in the Middle East, with the United Arab Emirates and Saudi Arabia leading the way.
- There is a direct relationship between cloud adoption rate and the availability of cloud security professionals.
Traditionally, the Chief Information Security Officer (CISO) has been seen as a back-office role or one filled only when there was an audit issue or a need to find IT support. They were rarely featured within the executive management team.
As the cloud and cyber threat landscape becomes even more disruptive, cloud security professionals are clearly being listened to, and heard.
Two-thirds of those surveyed say they have an increased voice in the boardroom, almost three-quarters say cloud security is taken seriously enough, and a similar number say they are included in strategic decision-making at their organisation.
“We need to usher in the new Golden Age of the CISO,” says Dr Aloysius Cheang, President and Chief Security Officer Huawei Middle East and Central Asia, who took part in both roundtables.
“In order that we appear among the other members of the board, you really have to talk business, and security as a business enabler. The only way out of troubled waters is with the CISO as the captain of the ship.”
More than two-thirds of cloud professionals believe that government regulation has improved the quality of cloud provision, but the fact that a third say it has not means there is clearly more work to be done as the challenges increase.
Governments – especially in the UAE and Saudi Arabia – have enforced regulations on cloud and continue to add layers of protection for their citizens and their sovereign data.
Reassuringly, security is the number-one factor when it comes to choosing a cloud provider. According to the survey, 43% say it is the most important consideration, ahead of cost on 19%.
“Cloud security is a top concern for any organisation,” says Scott Birch, MD – Dubai, BizClik Media.
“Our everyday lives are increasingly taking place online, and that means in the cloud. With critical infrastructure and services – from utilities to banking – also in the cloud, security is more important than ever before. This report sheds light on current and future trends, and is essential reading for IT leaders.”