In a joint effort to address the escalating cyber threats facing the UAE, the UAE Cyber Security Council and CPX Holding, a prominent provider of digital-first cybersecurity solutions and services, have unveiled the ‘State of the UAE – Cybersecurity Report 2024’. This comprehensive report offers an examination of the current cyber threat landscape in the UAE, highlighting the critical necessity for advanced cybersecurity measures to counter the growing complexity and sophistication of cyber attacks.
The report, compiled by a consortium of cybersecurity experts, has uncovered alarming statistics, revealing over 155,000 vulnerable assets within the UAE. Shockingly, more than 40 percent of critical vulnerabilities have remained unaddressed for over five years, exposing the nation to heightened risks of cyber exploitation. This vulnerability, combined with the surge in advanced cyber-attacks such as ransomware, underscores the urgent need for robust cyber defences in a region renowned for its AI-driven technological innovations and geopolitical significance.
Ransomware attacks, representing over half of the cyber incidents, have emerged as a predominant threat, targeting key sectors including Government, Energy, and Information Technology. Traditional attack vectors such as Business Email Compromise (BEC) and phishing continue to pose significant risks, with cybercriminals increasingly leveraging AI tools to enhance their tactics, including social engineering efforts and the deployment of deep-fake technology.
Moreover, the financial repercussions of data breaches have propelled the Middle East, including the UAE, to the forefront of global data breach costs, reflecting the economic motives driving cyber threat actors. Distributed Denial of Service (DDoS) attacks further underscore the geopolitical intricacies of cyber threats, necessitating a comprehensive defence mechanism to safeguard the nation’s interests.
H.E. Dr. Mohamed Al Kuwaiti, Head of Cyber Security for the UAE Government, emphasised the imperative for collective vigilance and strategic action, stating, “In an era marked by increasingly sophisticated cyber threats that pose significant risks to our national security, the imperative for collective vigilance and strategic action has never been greater. The entire ecosystem should engage proactively in reducing the UAE’s vulnerability to these threats. This report serves as an urgent call to action for all stakeholders to unite in enhancing our cybersecurity measures, thereby protecting our digital infrastructure and securing the economic well-being and safety of our nation.”
Hadi Anwar, Executive Director – Strategic Programmes at CPX, stressed the importance of a unified approach, stating, “The economic fallout from cyber incidents necessitates a collective effort to bolster our national defences.”
The report not only identifies the unique cybersecurity challenges faced by the UAE, including advanced persistent threats (APTs) and the increasing reliance on digital infrastructure, but also provides actionable insights to navigate the complexities of the digital era. Key best practices highlighted include implementing Endpoint Detection & Response (EDR), establishing a 24/7 Security Operation Centre (SOC), leveraging Cyber Threat Intelligence, creating and implementing an Incident Response Plan, and adopting proactive threat hunting processes.
As the UAE continues to lead in digital transformation, addressing these challenges demands a collaborative effort from government entities, private organisations, and individuals to ensure the resilience and security of the nation’s digital landscape. The release of the ‘State of the UAE – Cybersecurity Report 2024’ serves as a call for all stakeholders to unite in fortifying the nation’s cyber defences and safeguarding its digital future.