UAE’s IT security spending is not enough – expert

Firms in the United Arab Emirates are found to be lacking in efficient security infrastructure, a survey by International Data Corporation (IDC) Connect has found.

According to the survey, 80 per cent of local firms lack the ability to analyse threats. While 52 per cent are unable to adapt and integrate risk management solutions and 42 per cent say the cyber-security support systems are not enough to manage cyber risks.

“Currently the 5.6 per cent year-on-year increase in IT security spending in the UAE is not sufficient,” said RSA general manager and senior director Peter Tran, who also leads the company’s worldwide advance cyber defence practice division.

However Tran is optimistic that cyber security spending will rise rapidly as the country – specifically Dubai – moves towards achieving its smart city initiatives.

“Because of the large investments being made to transform Dubai into a smart city, the IT security industry stands to gain as it forms a key part of this digital transformation,” Tran said.

Smart city initiatives are likely to make the city more prone to cyber attacks, especially in sectors such as healthcare where system providers offer ‘connected’ medical devices.

“Even financial services and trading platforms, oil and gas industries and renewal energy sources are extremely attractive for attackers,” he said.

Dubai’s smart city strategy will include 100 initiatives in transport, communications, infrastructure, electricity economic services and urban planning. It also envisions 1,000 government services going ‘smart’ by 2017.

Read more: Cyber war: Is the Middle East prepared?

Another factor giving a boost to the cyber security industry is Dubai’s strong focus on developing the right legislation to deal with the issue, opined Tran.

“Legislations add not just structure to the regulatory and legal aspects but also offer guidelines on how companies should respond to a cyber attack and disclose the nature of the breach,” he explained.

Dubai recently issued an open data law allowing government departments and non-government entities to share non-confidential data. The law aids in addressing privacy concerns of users as it provides a clear legislative framework to safeguard private data.

“The growth in IT security industry is thus going to double and even triple over the coming two to three years,” he added.

Looking ahead Tran stressed that the emirate must ensure that its critical sectors are well-protected ahead of Expo 2020.

Read more: Malware attacks have doubled in the Middle East, reveals report

However, he is optimistic that Dubai is already on the right path.

Asked to rank Dubai’s cyber security infrastructure on a scale of 1-10, 10 being the best, he ranked the emirate in the range of six to seven.