Cybercrime is projected to cost global businesses a whopping $8 trillion in the next five years, a UAE-based cybersecurity expert told the participants of a regional internal audit conference in Abu Dhabi.
Speaking at the recent 19th Annual Regional Audit Conference at the Jumeirah Etihad Towers, Dr. Karim Sabbagh, Chief Executive Officer of DarkMatter Group, said irreparable reputational damages are on the rise with the escalating regulations increasingly penalising failures to tackle cybercrime.
Quoting a Cybersecurity Report done by his company in November last year, he said the threat landscape is becoming increasingly complex and hyper connected as more and more data and services becomes reachable through the internet. Referring to a survey of 136,000 UAE websites, he said it identified 276055 vulnerabilities with 93 per cent using outdated software, the most common of the vulnerabilities. Over 83 percent had unsupported software while 77 percent had weak credentials. Information leak represented 40 per cent of vulnerabilities and exposures to outdated software.
Abdulqader Obaid Ali, Chairman, UAE IAA, said cybersecurity has become paramount for both the government and private sector organisations given the fact that information has now become an important asset for everyone and needs to be protected well.
He said organisations should inculcate and nurture a culture to educate and train their employees from the top to the bottom on cybersecurity. It has become imperative for companies to have cybersecurity strategies and training their internal auditors and other human resources about cyber threats and measures to counter them. “The pace and variety of technology has remained in an upward mode. This calls for greater focus of our attention to ensure the organisations remain safe from the cyber-attacks which is said to be two billion a day.”
He disclosed that the UAE-IIA has started cybersecurity training courses for auditors on how to tackle cyber-attacks and other related issues and strengthen their organisations remain on the cutting-edge of the business.
About ‘Audit in the Age of AI’, Dr. Karim said Artificial Intelligence (AI) has been turning as a transformational enabler of operational and cost efficiencies, business model and customer engagement. He said as a disruptive technology, the AI should be utilised in the Risk Management frameworks and regulations. However, AI capabilities to learn and reach decisions through algorithmic layers poses a challenge to auditability and traceability, he added.
The Abu Dhabi-based expert said the increasing prevalence of digitisation has been outpaced by a faster incidence of cybersecurity risks. Growing digital empowerment at individual level has been translating into a stronger experience of the threat and attack surface, he said, adding that advancing digital adoption has missed the required capability for detecting and predicting cyberattacks.
Stating that the world was undergoing a fascinating period by benefitting from the uber rise of digitisation, he said there has been an acceleration of risks in cyberspace. Audit functions and practices, he said, were being increasingly digitised, with the technology audit emerging as the central capability in digitised organisation.
Dr. Sabbagh said data theft and frauds were found the leading the list of worries in organisations across the world, with cyber-attacks ranked third on the list in 2018 and 2019. He said there is a need for enhancing audit management through new Governance, Risk and Compliance (GRC) solutions along with leveraging analytics to industrialise continuous audit. He made out a case for implementing continuous risk assessments in organisations and increasing the productivity through the knowledge management.