Almost 70% of external attacks on Middle East organisations in 2011 were on applications, according to the latest Threat Intelligence Report released today by information risk management provider Paladion Networks.
51% of Middle East attacks were on large enterprises, with the average company facing 50 external intrusions attempts per month, the report stated.
The report highlighted a need to shift focus from managing network level vulnerabilities, where companies are more mature, to monitoring applications in order to stay secure.
Geographically, 35% of Middle East attacks in 2011 came from China, whilst 17% came from the USA.
Phishing attacks predominantly came through the U.S., although the report found that these types of attacks on financial institutions were down. The report claimed this decrease was down to faster takedown rates and lower victims per site.
“Our conclusions are based on first-hand experience of working in the Middle East with local and multinational companies from various industry sectors,” said Rajat Mohanty, CEO at Paladion Networks.
“As revealed in the report, the InfoSecurity threat landscape within enterprises is shifting with changing times and the measures to deal with them are expanding. Overall, while threats are getting more financially motivated and targeted on applications, organisations have lower levels of monitoring and higher vulnerabilities on application level, which also stay open for much longer compared to network level,” he added.
The data from the report was taken from security incident monitoring, phishing monitoring, vulnerability assessment (VA) and penetration testing services carried out by Paladion for 260 medium to large enterprises and 14,000 assets spread across different verticals in the Middle East, India and South East Asia.
Paladion has been operating in the Middle East region for over eight years and has offices in the UAE, KSA, Qatar and Oman. It serves eight out of the top 10 telecom companies and 20 out of the top 25 banks in the region.