Nearly three-quarters (72%) of organisations anticipate business disruptions from cyber incidents within the next two years, according to research from Cisco.
By Maggie Mancini
One-quarter (25%) of organisations in Saudi Arabia have achieved the “mature” or “progressive” levels of readiness required to effectively withstand today’s cybersecurity threats, according to research from Cisco. This represents an improvement from last year’s index, though further efforts are required to address cybersecurity preparedness as hyperconnectivity and AI introduce new complexities for security practitioners.
AI is revolutionising security and escalating threat levels, with 91% of organisations in Saudi Arabia having faced AI-related incidents last year. However, only 61% of respondents are confident their employees fully understand AI-related cybersecurity threats, and only 51% believe their teams fully grasp how malicious actors are using AI to execute attacks. This awareness gap leaves organisations critically exposed.
AI is compounding an already challenging landscape. In the last year, over half of organisations (52%) suffered cyberattacks, hindered by complex security frameworks with siloed point solutions. The top three types of cybersecurity incidents include malware (76%), phishing attacks (62%), and data breaches by malicious actors (45%). Ransomware attacks were mentioned by 39% of respondents.
Cybersecurity preparedness in Saudi Arabia remains alarmingly low, especially as 72% of respondents anticipate business disruptions from cyber incidents within the next 12 to 24 months. An impressive 93% of organisations use AI to better understand threats, 92% for threat detection, and 78% for response, underscoring AI’s vital role in strengthening cybersecurity strategies.
Generative AI (GenAI) tools are widely adopted, with 50% of employees using approved third-party tools. However, 28% have unrestricted access to public GenAI, and 50% of IT teams are unaware of employee interactions with GenAI, underscoring major oversight challenges. Approximately 39% of organisations lack confidence in detecting unregulated AI deployments, or shadow AI, posing significant cybersecurity and data privacy risks.
Within hybrid work models, 89% of organisations face increased security risks as employees access networks from unmanaged devices. This is exacerbated by using unapproved GenAI tools.
While almost all (98%) organisations plan to upgrade their IT infrastructure in the next 12 to 24 months, only 8% allocate more than 20% of their IT budget to cybersecurity. This finding suggests an opportunity for enhanced investment in comprehensive defense strategies, as the pace of threats continues to rise. Over four in five (84%) organisations report that their complex security infrastructures, dominated by the deployment of more than 10-point security solutions, are hampering their ability to respond to threats swiftly and effectively.
A staggering 93% of respondents identify the shortage of skilled cybersecurity professionals as a major challenge, with 57% reporting more than 10 positions to fill.
