deepagopi2011 - Fotolia
Amid a spate of high-profile global data leak incidents, Middle Eastern consumers are losing confidence in organisations’ ability to keep their information safe.
A recent study commissioned by F5 Networks revealed that more than half of United Arab Emirates (UAE) consumers are concerned that sharing data with private companies could lead to their privacy being compromised.
The study, conducted by Opinium Research, surveyed more than 1,000 consumers across the country, exploring their attitudes to data security and handling.
Jameel Al Sharaf, IT director at Gulf-based conglomerate Yusuf Bin Ahmed Kanoo Group, said data security is the company’s top priority. “Data security is our biggest concern at the moment,” he said. “The Middle East region has experienced data leaks in the past, such as the oil company Aramco.
“Our customers – particularly those in the shipping industry – are checking our readiness against those growing threats.”
The F5 survey showed UAE respondents were particularly distrustful of passing data to social media brands and marketing companies, with 66% and 62%, respectively, stating they did not trust either with their personal data. Only 27% of respondents were confident that social media brands could protect consumer data from hackers.
Consumers were also wary of releasing information to banks, the public sector and insurance companies. The survey showed respondents wanted organisations to “field better authentication capabilities to achieve greater security”.
Mike Convertino, CISO at F5 Networks, said there appears to be a lot less trust in government in the Middle East than elsewhere. “What is more, social media companies and banks are just not trusted,” he said. “A lot of people have no confidence in organisations to keep their data safe.”
Convertino said companies could rebuild consumer trust by allowing customers to exercise more control on data through technology. Users could be given additional privacy tools and enabled to limit access to their data through applications with built-in encryption.
“Everyone in the survey wanted better authentication measures – so that’s key and it’s a tool they are looking for,” he added. “These areas are gaining a great deal of traction.”
Read more about IT security in the Middle East
- Hotel group implements centralised security management to proactively protect endpoints and achieve accurate security information.
- UAE firms find difficulty in providing facts on security breaches, while consumers demand to be informed of incidents.
- Hot on the heels of the Qatar National Bank data breach comes a campaign employing advanced social engineering techniques.
Convertino said data leaks happen quickly and organisations must be able to repond quickly. “But there is a lack of security talent globally, which means automation is important.”
Any consumer-facing organisation must ensure its data protection meets customer demands, he said. As customers become more aware of the risks, it becomes even more important to put in place a security and data protection infrastructure – technology, education and processes – that protect against threats but do not harm the customer experience, he added.
Convertino said there is a possibility that social media companies could charge for extra data protection services in the future. “Security as a service is a growing trend,” he observed.
Garth Braithwaite, director of F5 sales, Middle East, said considerable brand damage could be caused by data leaks. “What is the effect on individuals when their data is compromised? What damage does that do to your brand and your customer loyalty? How do you measure that? It comes down to a trust issue and how it is going to affect the brand,” he said.
A data breach could be particularly harmful to a brand’s reputation in the market “if they were not able to come back with a feasible answer”, said Braithwaite.
Kanoo Group’s Al Sharaf agreed that protecting consumer privacy is paramount for brand perception and trust. “I constantly remind the management team about the seriousness of these threats,” he said. “Everyone forgets about it until there is a major catastrophe. Then, of course, everyone wakes up.”
The Kanoo Group has a diversified business, ranging from shipping and heavy machinery to oil projects and travel services.
Vast amounts of data
Al Sharaf said the group holds vast amounts of customer data, particularly within its corporate travel division, which provides services for VIPs from regional oil companies, and its shipping division, which works with the US military.
Al Sharaf implemented F5 Network’s application delivery, high availability and optimisation modules in June 2015 in response to the need to protect customer data. “The implementation has been unique because we have used multiple modules and it has been a complex operation with multiple functionality,” he said.
“We have been focused on cyber security, but we also see growing internal threats, social engineering and data leakage. We are looking at new systems to pre-empt the possibility of data leakage.”
Braithwaite said consumers, suppliers and governments should share the responsibility to protect personal data. “The community and governments need to start educating the public on what is right and wrong and I think, as suppliers, we need to start pushing in that direction,” he said.
“It’s not a simple solution that you put in place. Hackers have one purpose in life – to break into your system. We have to defend against hundreds of hackers. It’s a process that takes a lot of planning.”