More Applications and Workloads Moving to the Cloud, but One-Third of Companies in the Kingdom Admitted to a Security Breach

RIYADH, Kingdom of Saudi Arabia – 26 December 2017 – Palo Alto Networks®, the next-generation security company, today announced the results of its cloud security survey. Surveying more than 1,000 IT decision-makers in Saudi Arabia and the United Arab Emirates, the survey explores the state of cloud adoption and security among organizations in the region.

As Saudi Arabia increases its foothold in the technology space, with initiatives in the public sphere including increased provisioning of e-services and interconnectivity between government agencies, the Kingdom is encouraging and embracing the growth of cloud computing along with other technologies.

As a result of automation and cloud services integration advancements, effective next-generation security measures can now be easily applied without causing administrative friction, and the notion that security is a bottleneck to embracing any cloud model is a thing of the past.

Organizations are rapidly adopting cloud technologies, and moving applications and data into a diverse set of cloud offerings, spanning public cloud, private cloud, hybrid cloud and SaaS. In Saudi Arabia, a shift towards digitalization, Internet of Things, and cloud computing is boosted by ambitious mega-projects and initiatives, such as Saudi Vision 2030, that are expected to have a positive impact on the country’s IT services market. Saudi Vision 2030 and National Transformation Program 2020 call on public and private-sector organizations to adopt the latest technology innovations to enable new digital business models and enhance the Kingdom’s economic competitiveness.

According to the Palo Alto Networks survey results, Saudi CIOs agree that cloud security is a top priority; on a scale of 0 to 10, with 10 being “very important,” cloud security was ranked 8 or higher by the majority of Saudi CIOs (51 percent).

The Palo Alto Networks survey also found that more than two-thirds of respondents (73 percent) in Saudi Arabia indicated they had one to 10 cloud-based applications in use in their organizations, with 8 percent and 9 percent stating that they had 11 to 20 and more than 21 applications, respectively. Private cloud is the most popular cloud computing solution among Saudi enterprises, with 30 percent of respondents stating their companies had adopted this. A further 19 percent of respondents preferred the public cloud, and 14 percent stated that they did not have any cloud computing solutions deployed but planned to make the shift to the cloud in the near future.

Organizations are realizing that an increased reliance on cloud computing brings with it enhanced security concerns, especially in light of the recent high-profile cyberattack targeting Saudi government ministries.


  • “Today, cloud is a reality. There is immense opportunity in the region for organizations to increase operational efficiencies and drive agile business models. With workloads and data increasingly distributed across physical and cloud computing environments, organizations need to have security in place that provides visibility, control and prevention of known and unknown threats, and which protects data, regardless of where it resides.”
    • Ehab Derbas, country manager, Saudi Arabia at Palo Alto Networks

With 39 percent of respondents admitting to having experienced a security incident, or being unsure if an incident had taken place, security vigilance needs be a top priority when it comes to the cloud. Of those surveyed, more than 50 percent stipulated that firewalls (62 percent) and password protection (58 percent) were among the top security systems their companies deployed to protect themselves against security breaches, indicating that there is a lack of understanding when it comes to securing applications and data in the cloud.

Regardless of an organization’s size, a prevention-focused, natively engineered security platform that is simple to deploy and scalable to meet future growth and provide consistent protection across network, endpoint and cloud environments is ideal.

Three key considerations when adopting cloud services are:

1. Who is really responsible for your data?

In public cloud environments, as the data owner, customers are responsible for securing their data – not the cloud service provider. Although the CSP will secure the underlying infrastructure, the safety of applications and data is a customer organization’s responsibility, so the CSP needs to consider this.

2. Who has access to applications and data?

A role-based access policy can help mitigate the risk of data loss. Although the CSP will have authorization messages in place, it is important that customer organizations decide who should have access and whether additional assurance is required.

3. What happens if there is a security breach?

What kind of support will the CSP give if there is a breach? It is important to understand this before launching a cloud strategy.

The Palo Alto Networks Next-Generation Security Platform provides a comprehensive and consistent policy across an organization’s architecture, including its cloud footprint. By automating deployment and policy updates, and integrating with cloud services, the platform can operate at the speed of the cloud, and organizations can build scalable, secure and resilient cloud architectures. As data becomes more and more distributed across a diverse mix of physical data centers, private and public clouds, and software as a service, having complete and unified visibility and consistent security measures becomes increasingly important to protect data no matter where it resides.

To stay protected, organizations should have consistent security policies across physical and virtualized environments. It is essential to fully maximize the use of computing resources to control traffic between workloads, while preventing the lateral movement of threats, and centrally manage security deployments and streamline policy updates.

For more information about securely enabling public and private clouds, visit:


About Palo Alto Networks

Palo Alto Networks is the next-generation security company, leading a new era in cybersecurity by safely enabling applications and preventing cyber breaches for tens of thousands of organizations worldwide. Built with an innovative approach and highly differentiated cyberthreat prevention capabilities, our game-changing security platform delivers security far superior to legacy or point products, safely enables daily business operations, and protects an organization’s most valuable assets. Find out more at

Palo Alto Networks and the Palo Alto Networks logo are trademarks of Palo Alto Networks, Inc. in the United States and in jurisdictions throughout the world. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.


Media Contact:

Amina Grimen
+971 4 275 4100