Middle East cloud security professionals have identified Zero Trust as the number one cloud security priority for the next year, according to a recent survey. The 'Future of Cloud Security in the Middle East' report found that 56% of regional cloud security experts would prioritize Zero Trust strategies, followed by Data and Privacy best practices at 43%. Regulatory Compliance was a close third at 42%.
The white paper surveyed 584 cloud security professionals across the region. It was launched by His Excellency Dr. Mohamed Al-Kuwaiti, Head of Cybersecurity for the UAE Government, at the Cybersecurity Innovation Series (CSIS) 2023 in Dubai. Compiled by Cyber Magazine, the report is endorsed by the UAE Cyber Security Council and OIC-CERT and sponsored by Huawei.
The research highlighted the Middle East unanimously adopting a Cloud-First strategy, with "non-cloud" environments almost non-existent today. Cloud is viewed as the quintessential baseline platform for adopting other deep technologies, such as AI, Blockchain and IoT. More importantly, the report also highlighted the flexibility of cloud solutions with the ability to adapt cloud on a case-by-case basis, where we are seeing a trend for both sovereign and hybrid clouds to be weaved together into national or regional multi-cloud strategies to unleash the potential of the digital economy.
While cloud is a core part of any digital strategy, the report also uncovered key trends in cybersecurity and privacy protection technical controls. 43% of respondents mentioned that security is the most important factor in their decision-making when choosing a cloud provider. As for their plans to implement more to protect their data on the cloud, respondents overwhelmingly picked multi-factor authentication as a key objective (45%), followed by encryption and staff training, both at 32%. The report also revealed the declining relevance of passwords as a cybersecurity strategy, with only 16% of respondents saying they would aggressively pursue a password strategy.
Speaking during the launch, Dr. Al Kuwaiti, also the OIC-CERT Cloud Security Working Group's Co-Chair, emphasized that cybersecurity is critical to national security and called for a proactive approach to safeguarding digital infrastructure and protecting sensitive data. He highlighted various policies the UAE has adopted to protect data, including a cloud-first model that first mandates all sensitive data be routed through the cloud to guard against DDOS attacks.
Dr. Al Kuwaiti's speech emphasized the significance of public-private partnerships in combating cyber threats, stressing the importance of collaboration between government institutions. "I would like to say a special thanks to Huawei for working with us on many of our initiatives, including on the release of the white paper," he added.
Moreover, Dr. Al Kuwaiti underscored the role of individuals in promoting cybersecurity. He encouraged responsible online behavior, stressing the need for bilateral and multilateral collaboration. Additionally, H.E. highlighted the importance of cybersecurity education and awareness campaigns to empower individuals with the knowledge to protect themselves, contribute to a secure digital environment, and reduce outbreaks of cybercrime.
"We need to build a cybersecurity culture, identifying what information to share and what not to share. The white paper identifies various measures that need to be taken and implemented to elevate cybersecurity posture," he added.
Echoing the report, Dr. Al Kuwaiti concluded that cybersecurity is cloud security, paving the way for the coming era of the Metaverse.
Huawei CLOUD has established a cybersecurity and privacy protection management system based on multiple mainstream international security standards and developed cybersecurity and compliance standards applicable to the cloud field based on Huawei's more than 30 years of experience and practices in security governance. Today, Huawei CLOUD has been certified by more than 120 authoritative organizations.
Dr. Aloysius Cheang, Chief Security Officer, Huawei Middle East & Central Asia, said, "Cloud is the foundation for the digital economy and pivotal to realizing the national visions of Middle East countries. However, the threat of cyber-attacks remains a clear and present danger. But through the efforts of stakeholders working together, we can demonstrate that a safe cyberspace is possible. We appreciate the collaborative efforts of the UAE government in releasing this white paper and look forward to even more successful partnerships."
Huawei believes that cyber security is a shared responsibility. Cybersecurity challenges must be addressed through technological innovation, knowledge sharing, standards development, verification, and other internationally credited measures. Working with partners, Huawei has a proven track record in cyber security globally. Huawei's collaborative approach to cybersecurity is demonstrated by its membership and contribution to regional and global cybersecurity organizations.
Huawei was the first global ICT player to join the Organisation of the Islamic Cooperation – Computer Emergency Response Team (OIC-CERT), currently the third-largest CERT organization in the world. The 2022 OIC-CERT Annual Conference saw the launch of the OIC-CERT Cloud Security Working Group, co-chaired by UAE aeCERT and Egypt egCERT, where Huawei is an active contributing member. This working group aims to provide the basis for establishing, implementing, maintaining and continually improving a cloud security framework. The proposed framework addresses end-to-end security requirements based on business interests, needs and objectives. The UAE will contribute its UAE Cloud Security Framework towards this effort to encourage the development of cloud-security-as-a-service.
Additionally, Huawei and the ITU Arab Regional Cyber Security Center (ITU-ARCC) signed an agreement to jointly promote public-private partnerships (PPPs) in cybersecurity earlier this year. The cooperation agreement marks a new era of cooperation to promote Arab world cybersecurity knowledge transfer, sharing of best practices and capacity building. Specifically, the agreement seeks to strengthen the collaboration among Arab cybersecurity experts to address threats and incident response in cyberspace effectively. It also aims to nurture an open, mutually beneficial and collaborative cybersecurity ecosystem through inclusive public and private partnerships. Further, both entities seek to jointly support efforts to establish a trusted, prosperous and sustainable Arab digital economic ecosystem.
-END-