• In-depth report highlights urgent cyber threats and defensive strategies for the UAE 
  • Government, Energy, and IT sectors identified as primary targets for cyber threat actors
  • Business Email Compromise (BEC) and phishing persist as ongoing cybersecurity threats

Abu Dhabi, UAE – 11 March, 2024:  The UAE Cyber Security Council and CPX Holding, a leading provider of digital-first cybersecurity solutions and services, today announced the release of the ‘State of the UAE – Cybersecurity Report 2024’. The report offers an in-depth analysis of the cyber threat landscape facing the UAE, emphasizing the critical need for advanced cybersecurity measures in response to the increasing complexity and sophistication of cyber threats.

Highlighting the urgency of the situation, the report has identified over 155,000 vulnerable assets within the UAE, with more than 40 percent of critical vulnerabilities remaining unaddressed for over five years. This vulnerability, coupled with the surge in advanced cyber-attacks such as ransomware, underscores the essential need for robust cyber defenses in a region that is at the forefront of AI-driven technological innovations and geopolitical significance.

The report delves into key trends shaping the current cybersecurity challenges, including ransomware attacks, which represent over half of the cyber incidents. The Government, Energy, and Information Technology sectors are the most targeted by cyber threat actors, and traditional attack vectors such as Business Email Compromise (BEC) and phishing remain prevalent, still posing a continuous threat. These methods are likely to become more sophisticated with the integration of AI tools, enhancing social engineering efforts, phishing lures, and the deployment of deep-fake technology to deceive victims. 

The trend is further compounded by the financial repercussions of data breaches, with the Middle East, including the UAE, experiencing the second-highest data breach costs globally, reflecting the economic targets of cyber threat actors against the backdrop of Gulf prosperity. The rise in Distributed Denial of Service (DDoS) attacks further emphasizes the geopolitical intricacies of cyber threats, necessitating a comprehensive and strategic defense mechanism to protect the nation.

H.E. Dr. Mohamed Al Kuwaiti, Head of Cyber Security for the UAE Government, said: “In an era marked by increasingly sophisticated cyber threats that pose significant risks to our national security, the imperative for collective vigilance and strategic action has never been greater. The entire ecosystem should engage proactively in reducing the UAE’s vulnerability to these threats. This report serves as an urgent call to action for all stakeholders to unite in enhancing our cybersecurity measures, thereby protecting our digital infrastructure and securing the economic well-being and safety of our nation.”

Hadi Anwar, Executive Director – Strategic Programs, CPX, added: “The latest cybersecurity report not only underscores the dynamic and evolving nature of cyber threats but also sheds light on the economic vulnerabilities at stake. The economic fallout from cyber incidents, as detailed in our analysis, necessitates a unified approach to bolster our national defenses. Policymakers, companies, and individuals must collectively engage in strengthening our cybersecurity posture. This involves not just adopting advanced technologies and practices but also fostering a culture of cyber awareness and resilience. CPX is at the forefront of this mission, working closely with the UAE Cyber Security Council, to equip organizations with the necessary knowledge, tools, and strategies to safeguard against these threats, setting a new benchmark in cybersecurity excellence.”

The report also highlights the unique cybersecurity challenges faced by the UAE, including advanced persistent threats (APTs), the increasing reliance on digital infrastructure, and the sophisticated tactics of cybercriminals. It emphasizes the need for the UAE to enhance its defense capabilities and foster a culture of cybersecurity awareness across all sectors of society.

Compiled by a consortium of cybersecurity experts, the report acts as a strategic guide for government entities, businesses, and individuals, providing actionable insights to navigate the complexities of the digital era. Key best practices to mitigate cyber risks highlighted in the report include:

    • Implement Endpoint Detection & Response (EDR): Essential for effectively identifying and mitigating cyber threats, ensuring comprehensive visibility across digital assets
    • Establish a 24/7 Security Operation Centre (SOC): Crucial for the continuous surveillance and management of cyber incidents, safeguarding digital ecosystems around the clock
    • Leverage Cyber Threat Intelligence: Key to anticipating and neutralizing emerging cyber threats in real-time through informed, strategic decision-making
    • Create and Implement an Incident Response Plan: A cornerstone of cyber resilience, ensuring preparedness and swift action in the face of cyber incidents
    • Adopt Proactive Threat Hunting Processes: A forward-looking approach to identify and mitigate hidden threats, enhancing the overall security posture

As the UAE continues to lead in digital transformation, addressing these challenges requires a concerted effort from government entities, private organizations, and individuals to ensure the resilience and security of the nation’s digital landscape.

For comprehensive access to the “State of the UAE – Cybersecurity Report 2024” and to explore detailed strategic recommendations for enhancing cyber security, please visit this link.