Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa.

Cybersecurity Incidents Consistently Increase in UAE

Malicious insider threats are increasingly becoming a cause for concern among businesses in the United Arab Emirates.

Nicholas Fearn, Contributing Writer, Technology Journalist

January 12, 2024

2 Min Read
A laptop screen with the UAE flag and hooded characters on it
Source: 3D generator via Alamy Stock Photo

During the past two years, the vast majority of United Arab Emirates-based businesses have experienced a cybersecurity incident.

According to research from Kaspersky, 87% of companies in UAE have faced different forms of cyber incidents in the past two years. However, 25% of those cybersecurity incidents were caused by the malicious actions of their staff.

Growing Concern of Malicious Insider Threats

Employees conducting malicious online behavior is becoming a major concern for businesses across all industries, with Kaspersky describing them as "the most dangerous of all employees who can provoke cyber incidents."

Kaspersky claims a number of factors enable people to perform malicious behavior against their employers, such as understanding their company's IT and cybersecurity infrastructure, having access to the company network, and using knowledge of their colleagues for launching social engineering attacks. 

Jake Moore, global security advisor at ESET, agrees that malicious insider threats are "a significant worry" for businesses, but he stresses that "humans also carry an accidental risk in business situations."

He says: "Accidental threats might include employees inadvertently bringing in malware or enabling data leakage, which can often be mitigated with annual and ad hoc training programs for all staff."

Prepared For Defense?

Although UAE-based businesses are facing high levels of cybercrime, which includes 66% experiencing data breaches, the problem is not getting any better. 

A previous Kaspersky study, released in December 2023, shows that 77% of APAC companies don't possess the tools required for spotting cyberattacks. Meanwhile, 87% of firms are plagued by a shortage of cybersecurity talent, making it harder to stop cyber criminals in their tracks.

In the past, security leaders in the UAE have struggled to ensure secure access to remote employee and corporate-owned devices, said Mohammed Al-Moneer, regional senior director for META at Infoblox. He said businesses fear data leaks and cloud attacks "and do not believe they have a firm handle on the insider threat."

In Infoblox's report, only 15% of respondents in the UAE believe their organization is prepared to defend their organization's networks against insider threats.

Gopan Sivasankaran, general manager of the META region at Secureworks, explained that the UAE's booming digital economy and greater use of data makes the country an "attractive" target for both cybercriminals and hostile states.

"The insight from the incident response engagements and active attacks on organizations we've worked on in the Middle East over the last year show organizations in the UAE have been victims to large scale wiper attacks as well as nation-state sponsored attacks," he says. 

"Across the Middle East we can see that banking, manufacturing, retail, and healthcare organizations are the most likely to reach out to us for help with a cyber incident," he adds. "But government, hospitality, and transportation are also highly prized targets."

About the Author(s)

Nicholas Fearn, Contributing Writer

Technology Journalist

Nicholas Fearn is a freelance tech journalist from the Welsh valleys. He's written for major outlets like Forbes, Financial Times, The Guardian, The Independent, The Telegraph, HuffPost and Business Insider, as well as tech publications like Gizmodo, TechRadar, Laptop Mag, Computer Weekly, ITPro and many more. When Nicholas isn't geeking over the latest gadgets and tech trends, he's probably listening to Mariah Carey on repeat.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights