InfoWatch Group has released a report on confidential data leaks from organizations in the Middle East, covering the period from 1st July 2017 through 30th June 2018.
According to InfoWatch Analytical Center, local government agencies and educational institutions experienced 36 percent and 20 percent of all leaks, respectively (twice as many as worldwide average).
While 66 percent of all global incidents over the reporting period affected personal data, the majority (over 38 percent) of Middle Eastern data breaches compromised trade secrets and know how, with personal data in the region leaked in less than 30 percent of cases.
“The difference between global and regional leak breakdowns by data type is largely due to political and economic landscapes of the Middle East,” said Kristina Tantsyura, InfoWatch Group’s Business Development Director for Middle East and InfoWatch Gulf’s CEO. “Countries’ specifics and possible tensions among Gulf states have a significant effect here. The Middle East countries see public uproar when information of political or technological value is compromised as a result of either external attacks on government agencies and manufacturing enterprises or malicious and negligent actions by their employees.”
While two thirds of all leaks from the Middle East companies was caused by external intruders, almost the same share worldwide (63 percent) was attributed to internal offenders.
“Internally-triggered leaks are just as dangerous for the Middle East as external ones, despite their relatively small share here,” said Kristina Tantsyura. “Internal data breaches in the region were mostly of malicious nature and often compromised extremely sensitive data, leading to severe consequences, even damage to national defense capability.”
One in five incidents in the Middle East was caused by non-privileged, rank-and-file employees, while top managers were at fault 2.5 times more often than globally.
While the network channel was used in the majority of enterprise data leaks over the period both worldwide and in the Middle East, there is a big difference in local and global leak breakdown by channel. The shares of leaks through mobile devices and instant messengers in the Middle East were more than three and almost four times larger than global figures, respectively.
“The analysis of publicly available cases shows that government agencies and most businesses in the Middle East lack reliable tools to protect themselves against both external and internal leaks,” noted Kristina Tantsyura. “To prevent sensitive data breaches, Middle East companies need to reconsider their security approach in terms of both information handling and use of particular external and insider threat protection tools that should combine Data Loss Prevention (DLP) with, say, User and Entity Behavior Analytics (UEBA) technology, which analyzes enterprise information flows and uses machine learning-based models to predict cybersecurity risks.”
Background
The report relies on the InfoWatch Analytical Center’s own database that aggregates publicly reported data leaks, which hit profit and non-profit (public, municipal) organizations and resulted from malicious or negligent actions by employees or criminals from the outside.
InfoWatch Gulf is InfoWatch Group’s full-service office established to promote the group’s solutions in the Middle East, with InfoWatch Traffic Monitor featuring InfoWatch Vision module being its flagship product for the local markets.
At GITEX Technology Week 2017 (Dubai), InfoWatch Gulf unveiled TaigaPhone, a hardware and software suite for the Middle East.
