However, the ways and means of addressing such breaches can still be improved, he says.
"What is often surprising and worrying, however, is that many organisations choose a reactive approach to security issues instead of actually addressing the problem through architecture and policy. A good example here is the issue of advanced malware or zero-day attacks—everyone knows that they are there, but only a few organisations proactively address the issue."
Global red alert
"President Obama promised more cash for cyber-wars in the U.S. 2014 military budget. And the U.S.A. is not the only country who cares about the matter."
It's clear from this quote by Alexander Zarovsky, Head of International Business Development, InfoWatch, that targeted cyber-crime is now officially a top-level priority for the largest states and governments. Obama's recent budget proposals suggest that although overall spending has been cut by $3.9 billion, cyber defence efforts have seen an $800 million boost, taking the budget to $4.7 billion.
Moreover, this action has been replicated more locally—and to an impressive standard.
"Both governments and enterprises are treating cyber-crime as a very serious issue. Here in the U.A.E., we have seen that the government has in the last year enacted two new security laws—(i) Law No. 5 of 2012 Concerning Combating Information Technology Crimes (Cyber-crimes Law) and (ii) Law No. 3 of 2012 on Establishing the National Electronic Security Authority (E-Security Authority Law)—that relate specifically to cyber-crime. In fact, the country has even ranked fourth internationally for cyber-security," says Chris Moore, Regional Sales Director, Blue Coat.
He continues, "Although most of what has been reported in the last year has related to attacks on government and public sector organisations, there has been a lot of cyber-criminal activity targeted at enterprises. Of course, these figures are hard to come by given that no organisation would willingly and openly discuss vulnerabilities in its IT infrastructure. Still, there are ongoing discussions within the IT community and security is a topic that is definitely a top priority for IT decision makers."
Defending complex attacks
The increasing sophistication of targeted attacks does call for a more focused and intelligent approach to defence. However, Miguel Barojos, Vice President of Sales, SEMEA, SafeNet, believes these defences are coming.
"The lack of physical barriers in the digital world makes it easy to replicate the attacks that happened in the U.K. one week to the Middle East the next one, but I believe that we will also see sophistication in the cyber-defence infrastructure being built in the future to overcome the threat," he says.
Corey Nachreiner, Director of Security Strategy, WatchGuard, adds, "I believe there is much more awareness and interest in information and network security. Companies in that region are realising that firewalls alone are not going to prevent attacks, and that they need to invest in more technology and people to protect themselves from these cyber-risks. As a result, I believe the region is investing more in cyber-security, and I've seen more security companies and professionals start to develop in the Middle East."
Sign up for CIO Asia eNewsletters.