Two-thirds of companies in the Middle East and North Africa (MENA) do not use a cyber security or technology policy, a new study has indicated.
The research from Thomson Reuters also showed that only 14 per cent of respondents are confident that their technology is applied properly, while 50 per cent have increased their compliance spending over the last two years.
As well as this, 52 per cent of respondents expect a substantial rise in compliance spending in the next two years. Over 39 per cent also prioritised business change and reorganisation investment above technology and training.
When it comes to compliance policies, just seven per cent have complete confidence in them and 44 per cent are worried about an over-reliance on technology.
Nadim Najjar, managing director for MENA at Thomson Reuters, said: "From the responses, we identified five key themes including tone at the top of corporations, increasing investment in sophisticated technology solutions, reorganising processes, decrease in confidence programs and stalled policies."
"While it is encouraging to see MENA organisations moving forward in attempt to align themselves with international best practice, from the responses to the survey, it appears that a full understanding of the requirements of tone from the top is not yet realised."
Mr Najjar explained there needs to be a careful management of relationships with people in senior executive positions, alongside good communication across the organisation.
He added that the high number of regulatory updates and increases in global enforcement activity mean that gaining support at every level of the organisational hierarchy will be extremely important for compliance processes.
The findings are particularly concerning as the IT industry faces more threats than ever before and needs to take increased action to protect key information from cyber criminals.