Middle Eastern Region: 2023 Sensitive Content Communications Privacy and Compliance

Cyber Threat Landscape in the Middle East

The Middle East faces the same cyber threats as the rest of the world. Energy and utilities, telecommunications, and government sectors top the list of industries that are targeted most frequently. Cybercriminals are employing more sophisticated tactics like double extortion and deepfake technology, and the Middle East has been affected by these more than other industries. The average cost of a data breach in the middle east hit $6.93 million last year, substantially higher than the $4.24 million global average.¹ Middle Eastern organizations face various types of cyberattacks targeting personally identifiable information (PII), protected health information (PHI), intellectual property (IP), financial documents, merger and acquisition activity, and criminal information, among others.

Too Many Communication Tools Compromise Sensitive Content Communications

Kiteworks’ 2023 Sensitive Content Communications Privacy and Compliance Report shows many companies in the Middle East use multiple disaggregated communication tools, which pose risks to data privacy and compliance. Over half of Middle East companies use six or more systems for sensitive file and email content communications. This leads to difficulties in managing and protecting sensitive data as well as demonstrating compliance with various data privacy regulations. Emergence of new regulations in the region and expansion in countries outside of the Middle East ratchet up the importance of compliance governance and reporting. Managing multiple toolsets also adds to capital and operating expenses at the same time, with 37.5% of Middle Eastern companies spending $350,000 or more annually on communication tools.

Evaluating Third-party Content Communication Risks in the Middle East

Nearly half of the respondents in the Middle East report using six or more systems to manage content communications with third parties. Email was listed as the communication channel with the highest risk, with two out of five respondents giving it a number one rank. File sharing was the second highest, with approximately one in three participants rating it as their top risk channel.

There is good cause for organizations in the Middle East to be concerned about managing third-party content communication risks. Only one in five have a comprehensive system to track and control access to sensitive content folders for all content types and departments. Not surprisingly, almost 90% experienced four or more breaches of sensitive content communications in the past year. As a result, 72% believe they must improve their approach to mitigating the risks associated with third-party content communications, with 62% indicating significant or some improvement is needed, while the remaining 10% require a new approach.

Digital Risk Management in the Middle East

Only 22% of respondents track and record third-party access to sensitive files and folders across all departments, with 48% tracking only for certain departments and 23% tracking for specific content types. 34% rank protecting content in motion from malicious threats as their top priority (with a rank one or two), while 27.5% prioritize automating encryption, file sharing, reporting, and other processes and/or tracking content permissions, expiration, locking, and versioning.

Kiteworks for Organizations in the Middle East

Middle Eastern organizations seeking to mitigate their privacy and compliance risk can look to Kiteworks. The Kiteworks Private Content Network unifies, tracks, controls, and secures sensitive content communications in one platform. This unlocks zero-trust policy management across each communication channel—email, file sharing, managed file transfer, web forms, and APIs—and delivers comprehensive audit logs for tracking and reporting on governance-related issues. This unlocks the ability for organizations to demonstrate compliance with data privacy regulations like GDPR, HIPAA, PIPEDA, and others. Kiteworks also offers advanced security capabilities, including a hardened virtual appliance, an embedded network firewall, WAF, and antivirus engine, end-to-end encryption, AI-enabled anomaly detection, and integrated security capabilities like CDR, DLP, and ATP. Kiteworks also offers multiple deployment options. With several secure deployment options, including on-premises, private cloud, and hosted, Kiteworks is an excellent solution for sensitive content communication in the Middle East.

¹ “2022 Cost of a Data Breach Report,” IBM and Ponemon Institute, July 2022.