Skip to content Skip to Search
Skip navigation

UAE cybersecurity is failing, say IT executives

Mohammed Al Kuwaiti, head of cybersecurity for the UAE government. Lack of resources and too many manual processes are just a few of the IT safety issues facing companies Wam
Mohammed Al Kuwaiti, head of cybersecurity for the UAE government. Lack of resources and too many manual processes are just a few of the IT safety issues facing companies
  • Rise in undetected attacks
  • Lack of IT skills a priority
  • Human error undermines tech

Inadequate technology is one of the primary causes of data breaches suffered by UAE companies, despite huge investments made by IT departments in the Gulf state to combat cyberattacks, say experts.

Companies in the Mena region spent $2.8 billion on cybersecurity last year, according to US technology research and consulting firm Gartner. 

Yet a report by Trellix, a US cybersecurity company, found that over half of chief information security officers (CISOs) surveyed in the UAE whose organisation had suffered a cyberattack, said their technology did not detect the breach.

Other top causes included issues due to the organisation’s lack of resources, lack of IT skills and too many manual processes, which hurt the mean time to detect or repair.

The UAE is faced with around 50,000 attacks a day “and the number is only increasing”, the Gulf state’s head of cybersecurity Dr Mohamed Al Kuwaiti said in a statement in May this year.

Trellix’s study interviewed 500 security officers, each with a minimum of 1,000 UAE employees, from industries including energy and utilities, healthcare, public sectors, manufacturing and production and financial services. Every respondent experienced at least one cyber incident in the past five years.

One head of information security and risk management at a leading bank in the UAE, who did not wish to be named, told AGBI that there is little technology can do.

“When implementing a new solution, security leaders often lean towards advanced features, overlooking the set-up of basic security controls, under the assumption that they come automatically. However, that is not the case,” the bank official said.

“For instance, though we receive one-time passwords via SMS or email during online transactions, we often overlook verifying if it corresponds to the intended transaction.

“Technology can only do so much to mitigate the impact of human mistakes.”

The number of CISOs attributing the root cause of cyber incidents to a lack of detection has risen over time, the report showed. 

Three years ago technology failing to detect an attack formed the root cause for only 9 percent of incidents. In the past year it has grown to 22 percent.

“A fragmented security infrastructure can result in blind spots, where certain types of threats go undetected due to the lack of coordination between different security tools,” Kausar Nur Mukeri, vice president of information security at private school provider Gems Education, said.

CISOs also felt that people, processes and technology needed an overhaul in the IT departments after a breach has occurred.

Almost all respondents to the Trellix survey agreed that some improvements were needed in their processes. All said their organisation had to make some improvements in terms of people and technology.

“Organisations should adopt a holistic and proactive approach to cybersecurity,” Mukeri said.

“This involves a combination of advanced technologies, end-to-end visibility, integration of all security technologies, regular security assessments, employee awareness and a robust incident response plan.”

Latest articles

FILE PHOTO: United Arab Emirates Minister of State for Foreign Trade Thani Al Zeyoudi gestures during an interview with Reuters in Dubai, United Arab Emirates, June 30, 2022. REUTERS/Abdel Hadi Ramahi/File Photo

UAE and Kenya complete Cepa negotiations

The UAE and Kenya have completed negotiations on a comprehensive economic partnership agreement (Cepa) between the two countries. It is the 12th Cepa deal secured by the UAE and its third in Africa, after agreements were signed last year with Mauritius and the Republic of the Congo (Congo-Brazzaville). “The UAE-Kenya Cepa will not only boost […]

Adnoc has bid for German polymer manufacturer Covestro but its offers €55 and €57 per share were rejected

Adnoc faces hurdles in completing ambitious European deals

Abu Dhabi state oil company Adnoc is facing challenges to a duo of major European deals it is trying to get over the finish line, according to media reports. Talks with Austrian energy group OMV have been put on hold to allow parties to navigate a series of disagreements, the Financial Times reported on Friday. […]

A worker at a phosphate production plant in Metlaoui, Tunisia. Phosphate accounts for 15% of Tunisia's exports

Saudi Arabia loans $55m for Tunisian rail renewal

Saudi Arabia has signed a $55 million loan deal with Tunisia to finance the renewal of the North African country’s rail network.  The railway is used to transport phosphate, a sector that makes up around 4 percent of Tunisia’s GDP and 15 percent of the country’s exports. Tunisia plans to produce eight million tonnes by […]

Visitors enjoy the Karnak Temples; the government hopes to entice 30 million tourists to Egypt a year by 2030 tourism egypt

Egypt tourism up 5% in early 2024 despite Gaza conflict

The number of tourists visiting Egypt increased by five percent year on year in the first 40 days of 2024, according to Egypt’s tourism minister, Ahmed Issa. The announcement came after reports in January that visitor numbers for the whole of 2023 reached a record high of 14.9 million, just shy of the 15 million […]