Pavel Ignatov - Fotolia
Take-up of security as a service in the United Arab Emirates (UAE) is rising as firms become increasingly concerned about cloud-borne threats.
According to the latest IDC trends report, security continues to be the number one challenge facing Middle East-based CIOs, with spending on security systems in the region set to pass $2bn in 2017.
The value of the region’s security as a service sector grew by just over 26% last year to hit $210m, according to Gartner research.
“We continue to see a shift from legacy IT services to cloud-based services,” said Sid Nag, research director at Gartner. “Organisations are pursuing a cloud-first strategy, which is driving market growth.
“The growth in cloud management and security is testimony that cloud-related services, in addition to core cloud services, are critical to cloud adoption. Organisations will look for increased automation and management of these cloud assets, as well as focus on the security aspects of consuming public cloud.”
Experts say the upcoming Dubai World Expo 2020 will be a critical factor in driving demand for security as a service. The Expo is set to be the largest event ever hosted in the country and could drive up to 50 million extra visitors to the city.
“With the huge number of tourists and investors coming to the UAE, there will be a large influx of data, which will need greater infrastructure planning,” said Sachin Bhardwaj, director of business development at eHosting DataFort (eHDF).
“Businesses will have to manage this large amount of information in the most organised way. To ensure this, investing in additional storage, network capacity and security will be required and this will drive the demand for all aspects of cloud services, particularly security as a service.”
Rapidly evolving threat
Bhardwaj warned that the threat landscape in the UAE is rapidly evolving in sync with the increasing sophistication of cyber crime across the globe. “Cyber crime has become a heavily globalised industry, with many attacks happening across borders via the internet,” he said. “Hacker operations globally have become very organised and sophisticated and malicious actors seek to access the most valuable and sensitive information of organisations mainly in the financial services, energy and healthcare sectors.”
The shortage of cyber security talent in the region is driving companies to seek automated solutions for peace of mind, said Bhardwaj.
“Many organisations are seeking solutions that provide necessary expertise, are scalable, and serve as predictable operating expenses, rather than variable capital expenses,” he said. “Hence, they are looking for cost-effective technology that provides round-the-clock security. Managed security services fit the bill perfectly.”
Bhardwaj said eHDF has seen increased local demand for email encryption, security information and event management (SIEM), end-point protection and data loss prevention.
In response to this growing demand, the company recently launched a cyber defence centre to cater to both private and government clients. The centre offers a portfolio of managed security services (MSS) along with remote managed SIEM services, deliverable within eHDF’s datacentre, on customers’ premises or in the cloud.
Read more about security as a service
- Despite increasing levels of specialisation, managed security service providers often do not understand the business you are in. That may be changing.
- Admins can switch to managed service accounts to boost Windows server security.
- Expert Mike Villegas outlines the pros and cons of using MSSPs instead of in-house security.
The UAE market largely echoes global trends in shifting away from traditional security management technologies and techniques, said Bhardwaj. “Major factors that are contributing to the growth of security as a service include the rise in demand for cloud-based security and high on-premise security costs for organisations.”
Bhardwaj said demand for end-point protection is expected to increase in the next few years because of the rise in malware, ransomware and cyber attacks. “Managed security service providers are developing solutions to incorporate advanced analytics and more powerful tools for detecting, investigating and managing increasingly dynamic threats across an expanding range of attack vectors,” he said. “Cloud-based security services, in particular, will be the most sought-after services, particularly in the UAE and Qatar.”
Jameel Alsharaf, head of group IT for UAE conglomerate the Kanoo Group, predicted a rise in demand for data leakage prevention and mobile security systems over the coming years as “more enterprises realise that the biggest security threats are internal”.
Alsharaf said he has opted for a hybrid solution for the group’s security requirements. “We are currently using security as a service for our email security, but opted for an on-premise option for our network security.”
However, some experts say security as a service will evolve slowly in the UAE as organisations gradually become more educated about the market. “The maturity of some of the offered services and their associated service-level agreements are still maturing, and this will influence wide-scale adoption,” said Saeed Agha, general manager – Middle East at Palo Alto Networks.
There is currently an imbalance between supply and demand in the UAE marketplace, said Agha. “We will see higher rates of adoption of some services, such as a managed security operations centre and public cloud security as we see more mature offerings come to the market,” he added.
Agha said securing the public cloud will be a growth area in 2017 as more customers move their workloads and infrastructure into the cloud in the expectation that their data will be protected across their premises and the cloud seamlessly.
“Security as a service will be a rising trend in 2017, but service providers should spend more time educating their customers to create more demand from the customer side,” he added.