Zero trust security adoption will increase tenfold in the Gulf region by the end of 2025, with critical infrastructure sectors such as finance, oil and gas leading the way.
Nader Henein, vice president and analyst at Gartner, predicts that 10% of large enterprises in that region will have a “comprehensive, mature and measurable” zero trust program within the next two years, up from less than 1%. in 2023.
A zero-trust strategy works like this: any user or device attempting to access company resources must be verified every time they request access to applications and the network, even if they have been previously validated. Everything is considered untrustworthy until verified.
Many Gulf organizations are just starting their cybersecurity journey, Henein says, so they are able to build their infrastructure around the Zero Trust principle instead of “ripping and replacing” existing systems.
“THE [Gulf region] it is a younger market than some Western regions… it is more open to evolution and growth,” says Henein.
Rob Andrews, director of product management at Sophos, explains how zero trust is still early in the adoption cycle in the Gulf region. “Regional vendors and cybersecurity professionals are still defining what zero trust is and which products and solutions fit within its framework. Zero trust is a framework; no single product or service will achieve it,” he notes.
Overall, zero trust adoption in the Gulf is primarily driven by regulated sectors, such as banking and finance, as well as oil and gas, which are heavily targeted by cyberattacks, says Gartner’s Henein.
The United Arab Emirates leads the way
As cloud adoption continues to grow particularly in the UAE, experts say Zero Trust adoption will also follow. In 2021, nearly 43% of organizations in the UAE have adopted cloud computing, compared to 49% in Western Europe and North America, according to a study. relationship published by Telecom Advisory Services.
IDC estimates that total spending on public cloud services in the UAE is expected to grow 26% over the next five years, reaching $3.2 billion in 2026.
According to Telecom Advisory Services, the adoption of cloud technology will add $181 billion in economic value to the UAE over the next decade. This equates to 2.5% of the Emirates’ economy.
According to the survey, more than 55% of cloud security leaders in the Middle East plan to prioritize Zero Trust strategies this year. The future of cloud security in the Middle East relationship. In the study of 584 professionals, led by the UAE government’s cybersecurity chief, Dr Mohamed Al Kuwaiti, nearly 43% of respondents said security was the most important factor when choosing a cloud service provider .
Michael Adjei, director of systems engineering, EMEA at Illumio, says that while organizations in the UAE recognize the importance of zero trust strategies to strengthen security and resilience, local companies are still struggling to implement them fast enough.
“Before companies can get to a stage where zero trust becomes a realistic concept, they must first gain full visibility within their organizations, which is proving [to be] a sticking point for some,” he notes.
According to Adjei, UAE organizations urgently need visibility into their hybrid and multi-cloud environments. “They are looking for the right technologies that will help them gain control of their entire estate,” she says. “Once companies can see what’s happening in their environment, they can start adding the right security controls.”
Channeling Zero Trust
But while it may be the start of the UAE’s zero trust journey, the region is home to a strong international supplier base, which could help drive adoption.
“Channel partners are set to play a key role in bringing widespread awareness and adoption of Zero Trust in the region,” says Adjei. “Vendors and security partners must provide a practical path to zero trust implementation, with minimal disruption to organizations, so that customers can achieve optimal benefits.”