DUBAI — The MENA region is witnessing a significant surge in security and risk management (SRM) spending, driven by evolving threats such as Generative AI (GenAI), stricter data privacy regulations, and the relentless pace of cyberattacks. Gartner, Inc., forecasts end-user spending on SRM to reach US$ 3.3 billion in 2024, marking a 12.1 percent increase from 2023.
“The evolving digital landscape presents both opportunities and challenges,” explains Shailendra Upadhyay, Senior Research Principal at Gartner. “While GenAI opens new doors for businesses, it also expands the threat surface. Additionally, stricter regulations and the alarming frequency of cyberattacks are prompting SRM leaders to invest more in security measures.”
This trend is evident across various segments within the SRM landscape. Data privacy spending is projected to grow the highest in 2024, jumping 24 percent year-over-year. This surge aligns with the implementation of data protection laws in the GCC, mirroring regulations like Europe’s General Data Protection Regulation (GDPR). These laws necessitate enhanced data privacy and cybersecurity measures, prompting increased spending in this crucial area.
Cloud security is another booming segment, expected to grow by 17.4 percent in 2024. The widespread adoption of cloud-based services such as IaaS, PaaS, and SaaS fuels this growth, leading to increased investments in securing these infrastructures. Additionally, the complexity of multi-cloud environments necessitates advanced detection and response solutions, further driving demand.
While GenAI opens new doors for businesses, it also expands the threat surface.
Shailendra Upadhyay, Senior Research Principal at Gartner
However, challenges persist beyond financial investments. One critical concern is the emergence of GenAI. Gartner predicts this technology will lead to a 15 percent increase in application and data security spending by 2025 due to its inherent attack surfaces. To mitigate these risks, CISOs must adapt their security programs, establishing policies, training modules, and updated security practices to address the unique threats posed by GenAI.
Another challenge lies in employee behavior. The democratization of GenAI can empower individuals with potent capabilities, but without proper guidance, it can lead to unintended consequences such as data breaches or copyright infringement. Therefore, implementing Security Behavior and Culture Programs (SBCPs) is crucial. These programs minimize risks associated with employee behavior by instilling a culture of security awareness and responsible technological usage.
Critical Cybersecurity Trends for MENA CISOs
Against the backdrop of GenAI’s mainstream integration, cybersecurity leaders in the MENA region confront multifaceted challenges that necessitate proactive risk mitigation strategies. Gartner highlights two pivotal cybersecurity trends that are crucial for enhancing organizational resilience and bolstering cybersecurity functions:
- Exploring the Potential and Perils of GenAI: The emergence of large language model (LLM) applications, exemplified by ChatGPT and Google Bard, accentuates the need for robust application and data security programs. GenAI introduces novel attack surfaces, compelling security leaders to fortify defenses and adapt security practices to mitigate associated risks of privacy infringement and unauthorized usage.
- Security Behavior and Culture Programs (SBCPs): The democratization of GenAI underscores the imperative for organizations to implement SBCPs aimed at mitigating cybersecurity incidents stemming from employee behavior. Effective SBCPs necessitate concerted efforts from senior executives to foster a culture of security awareness and instill a shared vision of a secure enterprise.
The road ahead for the MENA region’s cybersecurity landscape is clear: robust investments in SRM, coupled with proactive strategies to address emerging threats like GenAI and employee behavior, are essential for building resilience and navigating the ever-evolving digital world. By prioritizing these efforts, MENA can ensure a secure and prosperous future for its businesses and citizens.
At A Glance Significant Surge in SRM Spending: The MENA region is experiencing a dramatic increase in security and risk management (SRM) expenditures due to evolving threats like Generative AI, stricter data privacy laws, and the rapid pace of cyberattacks. Gartner's Forecast: Predicts SRM end-user spending in the MENA region to reach US$ 3.3 billion in 2024, a 12.1% increase from 2023. GenAI's Dual Edge: Generative AI presents new opportunities for businesses but also widens the threat landscape, necessitating increased security investments. Data Privacy and Cloud Security: Spending on data privacy is expected to see the highest growth, with cloud security also marked for significant investment due to the adoption of cloud-based services and the complexity of multi-cloud environments. Challenges Beyond Financial Investment: The emergence of GenAI and issues related to employee behavior present ongoing challenges, requiring the adaptation of security programs and the implementation of Security Behavior and Culture Programs (SBCPs). Cybersecurity Trends for MENA CISOs: Two critical trends highlighted are the exploration of GenAI's potential and perils, and the necessity of SBCPs to mitigate risks from employee behavior. Future Outlook: Robust investments in SRM and proactive strategies against emerging threats are essential for the MENA region's cybersecurity resilience and digital world navigation.