Companies and organisations across the Middle East and Africa (MEA) region could be at high risk from hackers, with only 4 percent of business leaders in the region confident in their organisation’s ability to manage cyber risks.
More alarming is the fact that the majority of organisations in MEA are still struggling to even understand the risks posed by their vendors and digital supply chains, as they grapple with their cyber security strategies, a new research said.
Around 37 percent of MEA organisations also admitted to not having any kind of cyber insurance in place, despite the fact that it is a key element in managing cyber risk, revealed the research by Marsh in partnership with Microsoft Corp, based on a survey among corporate leaders in the region.
The corporate senior executives were asked how cyber risk was viewed by various functions such as cyber security and IT, risk management and insurance, finance, and even executive leadership in their organisations.
Commenting on the survey findings, Christos Adamantiadis, chief executive officer of Marsh Middle East and Africa, said it was not about if an organisation will get attacked, it was rather a matter of when.
“This makes it all the more surprising that organisations continue to take a siloed approach, rather than looking at the risk from an enterprise-wide perspective,” Adamantiadis said.
According to the report, confidence in their organisation’s core cyber risk management capabilities – including the ability to understand or assess cyber threats, mitigate or prevent cyber-attacks, and respond and manage cyber-attacks – remained a major concern for the region’s business leaders.
“Over three quarters – 76 percent – [of business leaders] in the Middle East and Africa have no confidence in their own organisation’s cyber resilience,” the report said.
This also emanates from the fact that 60 percent respondents in the survey said that they have not conducted a risk assessment of their vendors or supply chains.
On acquiring cyber insurance, more than half – 54 percent – of the MEA companies which had procured insurance acknowledged they did so as it was part of the best practice within their business sector.
They, however, admitted insurance against cyber attacks have helped them to adopt a more stringent and resilient approach to cyber risks.
Besides, about 75 percent of the MEA leaders recognised that insurance was an important part of any cyber risk management strategy.
According to Simon Bell, cyber, financial and professional lines leader at Marsh MENA, greater cross-enterprise communication can help the region’s businesses to bridge the gaps that currently exist, boost confidence, and better inform overall strategic decision making around cyber threats.
Follow us on
