The Middle East market is leading the charge globally when it comes to Zero Trust strategy implementation, with 70% in the UAE and KSA, compared to a global adoption rate of 62%.
The Entrust Cybersecurity Institute survey on the State of Zero Trust adoption and encryption in 2024 reveals that the Middle East market is leading the charge in global Zero Trust strategy implementation (70% in UAE, and 70% in KSA), compared to global markets (62%).
Despite this, challenges such as insufficient cyber hygiene and credential management issues persist, highlighting the need for continued innovation and investment in cybersecurity strategies.
The eighteenth annual Entrust study conducted by the Ponemon Institute surveyed 4,052 IT professionals and IT security practitioners across the U.S., UK, Canada, Germany, Australia and New Zealand, Japan, Singapore, the United Arab Emirates and the Kingdom of Saudi Arabia.
“With costly breaches, artificial intelligence-generated deepfakes, synthetic identity fraud, ransomware gangs, and cyber warfare on the rise, the threat landscape is escalating at an alarming rate.”
Mohamed Eissa, Regional Sales Director at Entrust
Mohamed Eissa, Regional Sales Director at Entrust said: “With costly breaches, artificial intelligence-generated deepfakes, synthetic identity fraud, ransomware gangs, and cyber warfare on the rise, the threat landscape is escalating at an alarming rate. This means that implementing a Zero Trust security practice is an urgent business imperative as the security of organizations and their customers’ data, networks, and identities depends on it. Recognizing Zero Trust as indispensable for securing the future of our organizations is crucial. Leaders must grasp that investing in Zero Trust now yields cost savings and safeguards reputations in the long run.”
Despite the growing adoption of Zero Trust strategies in the UAE and KSA, two significant challenges remain according to the Entrust Global 2024 Study. First is the lack of leadership buy-in with an average of 44% of organizational leaders in UAE and KSA, remaining unconvinced of the need for a Zero Trust approach. Secondly, organizations still face a lack of budget to invest in such strategies (48% in UAE and 36% in KSA), both of which are largely within an organization’s control.
Credential management remains a challenging area, with a lack of clear ownership and skilled personnel being primary obstacles. Additionally, there is a growing focus on managing the existential threat posed by quantum computing, with many organizations planning to migrate to post-quantum cryptography (PQC) within the next five years. These findings highlight that, although Zero Trust is gaining traction, leadership skepticism and financial constraints are major roadblocks.
Mohamed Eissa, concluded: “Our study emphasizes the potential of Zero Trust in improving cybersecurity resilience. However, the findings reveal significant challenges that organizations must address in order to fully realize the benefits of this framework. By bridging these gaps, organizations can strengthen their security posture and ensure the trust and safety of their customers and stakeholders in an increasingly complex cyber landscape.”
Other key findings from the 2024 State of Zero Trust & Encryption Study include:
- Rising rates of surface attacks and cyber breaches are driving Zero Trust adoption: Organizations are adopting Zero Trust due to cyber risk concerns, with the pattern of 36% of UAE and 30% of KSA organizations citing expanding attack surface and 29% of UAE and 34% of KSA organizations reporting cyber breaches.
- Good cyber hygiene alone can’t safeguard against all threats:Half the respondents in the Middle East cited hackers exposing sensitive or confidential data as their top security concern, followed by system or process malfunctions (44%) and unmanaged certificates (35%).
- People, skills and ownership remain painful hurdles for CISOs to achieve effective credential management:
- Managing the existential PQ threat: 41% of UAE organizations cite that they are preparing for the PQ threat, while KSA organizations are close behind at 34%, and have a plan to manage the existential threat.
- Post quantum cryptography (PQC) migration is on the rise: 61% of respondents in the UAE and 59% in KSA are planning to migrate to PQC within the next 5 years, which is on par with the global finding (61).