Nearly Half of Middle East Organisations Lack Incident Response Plans

Survey conducted by Resilient Systems at GISEC reveals the need for Incident Response investment in the Middle East

Resilient Systems (formerly known as Co3 Systems), the leading Incident Response Platform (IRP) provider, announced that nearly half (46 percent) of Middle East organisations have no Incident Response (IR) plans, according to the findings of a survey conducted at GISEC, the largest information security conference in the Middle East.

The survey of more than 150 enterprise security professionals also found the rate of security incidents is very high in the region, with 69 percent of organisations experiencing an incident in the last 12 months – highlighting the need for greater resilience against cybersecurity threats.


With preventative and detective tools alone failing to stop breaches, Incident Response is vital to ensuring that security incidents do not escalate into business crises. Historically, organisations would turn to consultancy services to establish the extent of security incidents and take action to mitigate the damage and future attacks. But with incidents increasing in frequency, sophistication, and severity, organisations can no longer afford to take an ad hoc approach to response.

“In this new era of cybercrime, businesses are learning that identifying and protecting against threats isn’t enough – they have to be able to respond, and they have to do it faster, better, and smarter than before,” said Paul Ayers, General Manager, EMEA, of Resilient Systems. “Security incidents are inevitable – but the good news is that quick and effective response can make cyber threats manageable, and ensure that businesses can thrive in the face of them.”

The survey also found that:

  • Seventeen percent of organisations reported having more than 25 incidents in the last year
  • Incident Response is becoming a priority for many, with 63 percent saying their business will invest in Incident Response in the next 20 months.
  • However, 14 percent have no plans to improve incident response capabilities

“Just as businesses have learned to live with fire, accidents, and theft for centuries, companies today can learn to mitigate and move on from cyberattacks, ”said Ayers. “Practice makes perfect. By preparing and provisioning for response, developing IR plans, and testing them regularly, organisations can take control of the situation – giving them the ability to limit or completely avoid incidents damaging their company and its public perception. That’s the essence of Cyber Resilience.”

Resilient System’s Incident Response Platform (IRP) arms incident response teams with workflows, intelligence, and deep-data analytics to react faster, coordinate better, and respond smarter. The Resilient Systems IRP is distributed in the Middle East through its partnership with security value added distributor, Shifra.

“As with the rest of the world, cybercrime in the Middle East has reached unprecedented levels in the recent past,” said Ahmad Elkhatib, managing director of Shifra. “These findings reflect the reality that, as businesses in the region grow, they will increasingly become the target of cyberattacks and require Incident Response tools in order to develop quick reflexes in handling breaches.”

 About Resilient Systems

Resilient Systems (formerly Co3 Systems) is the leading Incident Response Platform provider, empowering organisations to thrive in the face of cyberattacks and business crises. Our collaborative platform arms incident response teams with workflows, intelligence, and deep-data analytics to react faster, coordinate better, and respond smarter. Headquartered in Massachusetts, USA, Resilient Systems’ customers are some of the world’s most trusted organisations. Visit us at

About Shifra

Shifra is a value added distributor founded in 2007 out of Dubai Internet City with a partner network covering the Middle East region. Shifra provides expertise to enterprise customers around the Middle East in three main areas: Information Security, Identity Protection and Enterprise Mobility. The name Shifra originates from the word “Sifr”, the Arabic numeral zero which was later used to describe a cipher that then created a coded message, thus forming the basis of encryption as we know it today.

With an extensive experience in channel development for multi-national vendors the Shifra team has the perfect aptitude to understand the needs of the market and satisfy them. Our team consists of information technology experts that hold a cumulative experience of over 100 years in the field. Shifra professionals bring international experience from across the world; the US, Europe, Asia and the Middle East region.