Middle East governments and corporates are expected to invest heavily in Zero Trust Access (ZTA) IT systems over the coming years to ward off the omnipresent threat of cyber-attacks, providing a major boost to the region’s cybersecurity market that’s predicted to more than double in value over the next five years.
Exhibitors at next month’s GISEC Global cybersecurity exhibition in Dubai, said ZTA security – an approach to designing IT infrastructure with a ‘never trust, always verify’ model – will be highly sort after in 2023 and beyond, as organisations seek to protect their data and systems against constantly evolving and increasingly sophisticated cyber threats.
In the Middle East, the pervasive ‘work from anywhere’ culture is convincing companies to double down on their efforts to protect digital assets, fuelling the region’s cybersecurity market that, according to analysts Markets and Markets, will grow from US$20 billion in 2022 to US$44.7 billion in 2027, clocking 17 percent annual growth.
Rising IoT traffic, increasing technological advancements and modernisation of enterprises are also fuelling demand for zero trust security solutions, with MarkNtel Advisors, a research company, expecting the Middle East ZTA market to grow by 16 percent annually over the next five years.
The core cybercrime methods haven’t changed, but the sophistication of them has increased. The good news is IT security professionals and C-level decision makers will have no shortage of solutions to investigate at the 11th edition of GISEC Global 2023, which returns to the Dubai World Trade Centre from 14-16 March, featuring more than 400 exhibitors from 42 countries.
Household names such as tech titans Huawei and Microsoft will be out in full force at the annual three-day event, alongside headline ground-breaking infosec companies including Spire Solutions, CPX, Mandiant, Pentera, Cloudfare, Crowdstrike, Edgio, Secureworks, Synack, Threatlocker, and Votiro.
“In our increasingly digital world, security is a key concern and area of focus,” said Waseem Hashem, Business Group Director for Modern Work & Security at Microsoft UAE. “At Microsoft, we have a long-standing commitment to securing our platforms and providing solutions, and our answer to safeguarding the digital space in the face of evolving threats is the Zero Trust network and architecture.
“Businesses worldwide are prioritising secure and efficient network access, making the adoption of Zero Trust non-negotiable. In the Middle East, in particular, where cyber threats are becoming more persistent and sophisticated, the implementation of this approach is a critical step for organisations to protect their sensitive data.”
CPX, a home-grown cyber security entity based in the UAE, will this year showcase its complete suite of end-to-end cybersecurity capabilities covering all industries from energy & utilities to government and defence, healthcare, finance and transportation. Commenting on the Zero-Trust networks, Paul Lawson, Executive Director at CPX, said: “The fast-paced growth of emerging technologies like AI/ML, Cloud and IoT has put a strain on an organization’s ability to secure, protect and mitigate looming cyber threats.
“We expect these shifts to significantly contribute to a rise in the adoption of Zero Trust models. A Zero Trust approach distrusts all entities by default, requiring all users inside and outside a network to be continuously authenticated and authorised.
Added Lawson: “In the Middle East, many organisations still depend on a traditional firewall-based perimeter architecture. As organisations embrace new advanced technologies and frequently migrate to Cloud, they should align and enhance their cybersecurity posture by deploying Zero Trust ‘aware’ technologies.”
Zero Trust to replace VPN by 2025 – Gartner
Another key factor behind the growth of ZTA is the increasing adoption of cloud technologies, leaving organisations migrating workloads to the cloud increasingly vulnerable to wily attackers, posing major challenges and causing significant losses.
Tech research firm Gartner predicts that zero trust network access will even replace virtual private networks (VPNs) by 2025, with the rise in remote work and the continuing threat of cyber-attacks urging companies to scout for more robust security frameworks.
As a result, says Anil Bhandari, Chief Mentor at ARCON – a cybersecurity provider with sales headquarters in Houston, Texas – organisations are gearing their investments towards a system that, among several characteristics, uses multi-factor authentication to verify the identity of users and devices.
“According to our research, adopting zero trust networks and architecture will be a top priority for IT security executives in the Middle East and around the world this year,” said Bhandari, who will be at GISEC Global 2023 with ARCON’s Converged Identity Management platform – a Software as a Service identity and access management platform.
“In the Middle East, in particular, for a typical large-scale enterprise or mid-size company, the IT perimeter is no longer confined to on-premises data centres. As modern-day IT infrastructure is large and distributed in hybrid and multi-cloud setups, Middle East IT security leaders will look to build micro-segmentation and micro-perimeters for controlling and securing digital identities.”
‘Think Zero Trust’ at GISEC Global 2023
CyberKnight, a UAE-based cybersecurity value-added-distributor will meanwhile have a dedicated ‘Think Zero Trust’ theme at GISEC Global 2023, with CMO Olesya Pavlova, stating that attackers are continuously expanding their capabilities and taking advantage of an ever-growing number of attack vectors.
“In 2022, we saw that cybercriminals targeted Middle East critical infrastructure, including information technology, financial services, healthcare, and energy sectors, with headline-grabbing incidents,” said Pavlova, whose CyberKnight recently partnered with American zero trust real-world cybersecurity company Xage to accelerate ZTA adoption across the Middle East.
“Currently, we see XDR, data security, threat intelligence and application security with the highest demand. Our purpose remains the same going forward – to help fight cybercrime using Zero Trust.”
Elsewhere, US-based StrikeReady will showcase its award-winning AI-powered Cognitive Security Platform at GISEC Global 2023. AI capabilities such as reinforcement learning, natural language understanding, and proactive conversational AI enable StrikeReady’s Cognitive Security Platform to offer innovative features such as a virtual cybersecurity assistant.
Anurag Gurtu, Chief Product Officer at StrikeReady, said in order to continue to evolve in the same way that attackers do, thriving organisations must have ZTA as part of their cyber security transformation.
“The Middle East is one of the few regions that adopts cyber security early, so I suspect many businesses there have looked into ZTA,” said Gurtu. “Attackers are innovative, and their tactics continue to evolve to defeat existing cyber defences. It is imperative that the industry adapts and evolves in order to stay competitive with attackers.”
GISEC Global is organised by the Dubai World Trade Centre (DWTC), with the annual three-day event also comprising an extensive conference programme under the theme ‘Connecting minds, boosting cyber resilience’, with 13-tracks tackling the evolving cyber landscape and corresponding threats across multiple industries.
“The Zero Trust model addresses the Middle East’s growing concern of cyber-attacks on critical infrastructure, while providing a more comprehensive approach to security by requiring verification of all users and devices, regardless of location, and implementing strict access controls,” said Riju George, Group Director for GISEC at DWTC.
“The largest ever edition of GISEC Global in 2023 will deliver an unmatched ecosystem of the world’s premier cybersecurity players, helping governments and businesses address unprecedented security risks, while enhancing their opportunities to innovate and thrive in a constantly evolving digital economy.”