AI Involvement Surges in One-Third of Gulf Region Data Leak Incidents

A recent report reveals that internal threats continue to pose significant risks to businesses in the Gulf region, with data leaks constituting 50% of detected internal incidents. The study, based on a survey of approximately 100 business leaders, IT experts, and Chief Information Security Officers (CISOs) across the Middle East, highlights a troubling trend: the increasing role of artificial intelligence (AI) in data leak incidents. Notably, 36% of companies utilizing AI tools for sensitive data processing reported experiencing AI-related data incidents in the past year.

Internal Incidents in Gulf-Based Companies

The survey findings indicate that data leaks are a pressing concern for local businesses. Internal incidents are nearly evenly divided between data leakage and non-leakage events. Accidental data leaks and AI-related exposures each account for 17% of all incidents, while intentional data leaks follow closely at 16%. Among non-leakage incidents, corporate fraud and misuse of work time are the most prevalent, each representing 10% of cases, followed by document forgery at 8%.

Yazen Rahmeh, a cybersecurity expert at SearchInform, emphasizes the need for organizations to reassess their security strategies. He notes that as the threat landscape evolves, companies must adopt a broader, more contextual view of internal risks to avoid increased exposure.

The AI Security Gap

Despite the rapid adoption of AI technologies in the region, protective measures have not kept pace. The study found that over half of the respondents (52%) are currently using AI tools to process sensitive data. However, 36% of these companies have already faced incidents related to AI.

The lack of adequate controls for AI usage is concerning. Only 21% of companies employ Data Loss Prevention (DLP) systems to monitor data flows, while whitelisting of AI tools is the most common security measure, utilized by 28% of respondents. Employee training and deployment on local infrastructure each account for 21%.

To mitigate risks associated with AI, Rahmeh advocates for a multi-faceted approach. He stresses the importance of training employees in information security protocols, conducting regular assessments, and implementing technical tools to monitor AI interactions. These measures can help prevent the unauthorized transmission of confidential data through AI platforms.

The Incident Detection Paradox

Interestingly, the survey results reveal a paradox in incident detection. More than half of the respondents (52%) reported a decrease in internal security incidents over the past year compared to the previous year. Meanwhile, 26% noted no change, and only 22% observed an increase in incidents.

The majority of respondents (53%) detect an average of 1-10 internal incidents per month, while 31% report zero incidents, and 16% detect more than 10 incidents monthly. Despite this, an overwhelming 94% of respondents claim their companies possess all necessary data protection tools, with only 6% declining to answer.

Commonly implemented data protection tools include DCAP/DAM systems (43%), DLP solutions (39%), encryption and key management tools (39%), cloud security applications (32%), and watermarking (32%).

The Role of Security Solutions

A notable disparity emerges when respondents are categorized by the number of security solutions implemented. Companies utilizing one to two security tools detect fewer incidents, with only 8% reporting more than 10 incidents per month. In contrast, 29% of companies employing more than three tools report the same. Furthermore, 61% of companies with one to two tools detect 1-10 incidents per month, compared to 43% of those with more than three tools. The proportion of companies reporting no incidents is similar across both groups, at 31% and 28%, respectively.

Rahmeh points out that survey figures may not accurately reflect the actual security landscape. Companies relying on standalone security solutions may detect some incidents, while many others go unnoticed. This can lead to a false sense of security. Conversely, organizations with integrated solutions may appear to have worse statistics but are actually implementing effective multi-layered protection to prevent real incidents.

DLP solutions are identified as essential tools for safeguarding against internal threats. They not only provide capabilities for blocking data leaks but also enhance visibility into business processes and data flows. Internal threats now encompass various forms of corporate fraud, productivity abuse, and AI-enabled misuse, necessitating advanced detection capabilities. Advanced DLP systems offer comprehensive protection against these risks within a single platform.

Regulatory Challenges

The research also highlights regulatory compliance as a significant challenge for many surveyed companies. A substantial 61% of respondents rated the effort required to ensure compliance as high, while 39% assessed it as very high.

For further insights, the full report can be accessed here.

About SearchInform

SearchInform is a vendor of information security and risk management products, as well as a managed security service provider (MSSP). The company serves over 4,000 clients across more than 20 countries, offering a range of products and services designed to protect against insider threats at all levels of corporate information systems. Their offerings include FileAuditor (a DCAP class solution), an advanced DLP system, Risk Monitor (a platform for internal threat mitigation), a SIEM system, and information security outsourcing services.

Keep reading for the latest cybersecurity developments, threat intelligence and breaking updates from across the Middle East.