More than 82% firms in UAE faced at least one ‘cyber attack’ in 2019: Study

By Rahul Vaimal, Associate Editor
  • Follow author on
Representational Image

A recent survey conducted among polled 150 CSOs/CISOs from varied verticals in UAE cybersecurity and compliance firm Proofpoint implied that as many as 82 percent of organizations in the UAE faced at least one cyberattack in 2019, while 51 percent stated multiple incidents.

Account compromise led cyberattack methods in the UAE in 2019, impacting 28 percent of the companies surveyed, followed by credential phishing (20 percent) and insider threats (17 percent).

The survey revealed that almost one-third of respondents (29 percent) believed account compromise will remain to be the UAE’s biggest cyber threat over the next three years, followed by Distributed Denial of Service (DDoS) attacks (28 percent) and phishing (19 percent).

The research further revealed that financial loss (29 percent) and data breaches (28 percent) were the biggest outcomes for UAE organizations in 2019, followed by a decreased customer base (23 percent).

Common security errors made by employees according to CSOs and CISOs in the UAE include poor password hygiene (29 percent), mishandling sensitive information (25 percent), falling for phishing attacks (24 percent), and clicking on malicious links (20 percent), the survey suggested.

Meanwhile,19 percent cited criminal insider threats as a growing concern for businesses.

“A people-centric strategy is a must for organizations in the UAE, as cybercriminals increasingly target people rather than infrastructure, with the aim of stealing credentials, siphoning sensitive data, and fraudulently transferring funds.”
Emile Abou Saleh
Regional Director, Middle East and Africa – Proofpoint

“With our research revealing that 39 percent of UAE CSOs and CISOs believe their employees make their business vulnerable to cyber attacks, education and security awareness is a mission-critical priority and could make the difference between an attempted cyber-attack and a successful one. Along with technical solutions and controls, a comprehensive training program should sit at the heart of an organization’s cyber defense.”

Despite perennial threats, 75 percent of respondents train their employees on cybersecurity best practices twice a year or less while 23 percent of UAE-based organizations train their employees more than three times a year.

Further, UAE-based firms believe cybersecurity will become more of a business priority moving forward, with 50 percent reviewing their cybersecurity strategy twice a year or more and 69 percent expecting their cybersecurity budget to rise by 11 percent or more over the next two years.

Full report is available at”