Story image

Gartner forecasts security spending to surge in Africa

19 Oct 17

Cybersecurity investment is set to leap forward in Middle East and North Africa (MENA).

Gartner says spending on information security technology and services in MENA is on pace to exceed US$1.8 billion in 2017, representing an 11 percent increase from 2016.

In line with global trends, security services will continue to be the fastest growing segment – particularly IT outsourcing, consulting and implementation services.

Gartner says the growth for security services will be driven by ongoing skills shortages in the information security domain as well as increased awareness of threats.

The oil and gas industry is critical to many local economies in MENA and Gartner asserts the converging of operational technology (OT), Internet of Things (IoT), and IT is pushing many organisations to start considering how to handle the potential new security vulnerabilities created.

This is fuelling interest to invest in security products and services in an attempt to mitigate these new risks that traditional information security practices are not accustomed to.

Gartner says this rising awareness among CEOs and boards of directors about the business impact of security incidents and an evolving regulatory landscape is undoubtedly having a positive impact on the industry, including continued spending on security prouducts and services, not to mention increased accountability at the board level when it comes to security implications making metrics and executive communication a hot topic for leaders today.

At the recent Gartner Security and Risk Management Summit, Gartner’s senior research analyst Sam Olyaei provided the latest outlook for the information security industry where he affirmed improving security is not just about spending on new technologies – as illustrated in the recent spate of global security incidents, doing the basics right has never been more important.

“Organisations can improve their security posture significantly just by addressing basic security and risk related hygiene processes like patch management, regular and scalable vulnerability scanning, centralised log management, internal network segmentation, backups and system hardening. Do not buy a tool just because a tool exists, invest in people and process to maintain and operate these tools," says Olyaei.

"The region is also fixated on check box compliance – a hallmark of immaturity when it comes to security. In essence there is a false sense of security in the GCC. Digital business is transforming the region and it is all about managing risk; managing risk is about understanding the major perils a business will face, and prioritising controls and investments in security to achieve business outcomes."

How to stay safe when shopping online
Online shopping is a great way to avoid the crowds – but there are risks.
Dell EMC embeds security in latest servers
Dell EMC's 14th generation of PowerEdge servers has comprehensive management tools to provide security across hardware and firmware.
Why data backups should be a part of daily operations
"Disaster recovery needs to address complete system failure and provide a set of security policies to govern disaster incidents."
Businesses focusing on threats from within - survey
Over 50% of respondents reported that 100 days of dwell time or more was representative of their organisation.
Corelight and Exabeam partner to improve network monitoring
The combination of lateral movement and siloed usage of point security products leaves many security teams vulnerable to compromise.
SailPoint releases first identity annual report
SailPoint’s research found that many organisations are lacking maturity in their governance processes over identities.
Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.