Cyber security is becoming an increasing challenge for firms in the UAE.
Dubai - Only 50 per cent of the respondents of a survey said that they had cyber-attack contingency arrangements in place.
Published: Mon 21 Dec 2015, 6:14 PM
Updated: Tue 22 Dec 2015, 1:49 AM
Cyber security is becoming an increasing challenge for firms in the UAE with a survey revealing that one-third of UAE firms have been reporting cyber security breaches in the past 12 months.
A KPMG 2015 UAE Cyber Security Survey has found that firms under attack took between two weeks to a month to recover. Over half of the respondents that had been hacked didn't know that they were being targeted by cyber criminals. Furthermore, only 50 per cent of respondents said that they had cyber-attack contingency arrangements in place.
Nitin Khanapurkar, partner KPMG Lower Gulf, said the UAE is on the list of the top 10 destinations targeted by cyber criminals and it comes as no surprise that cyber threats have been growing across key sectors like financial services, oil & gas, technology, government, retail, construction and healthcare. The survey focused on UAE organisations' readiness and ability to respond to cyber-attacks and assessed responses from key sectors in the UAE over a period of two months. "The objective of the 2015 KPMG Cyber Security Survey was to assess UAE organisations' readiness and ability to respond to cyber security threats and the survey has thrown up some interesting insights."
Many boards in the UAE do not have a comprehensive or accurate view of their cyber risks because threat intelligence and cyber monitoring have often been inconsistently implemented, the survey found.
The survey also found that more UAE organisations need to better understand their threat profiles - including who, where and why they are likely to be targeted.
A recent report from Cybersecurity Ventures, a leading research and business development firm, has forecast that the cyber security market of the Middle East and African region is expected to grow to $13.43 billion by the year 2019 - covering an expected compounded annual growth rate of 13.7 per cent in the next five years. Amid this, industry experts have also predicted that digital businesses will suffer major service failures due to the inability of IT security teams to manage digital risk. As global cyber-attacks increase in complexity, GCC businesses must prepare themselves for newer and more advanced threat levels, warned a Dubai-based IT consultancy, Condo Protego.
The recently published 2015 Internet Security Threat Report (ISTR) by Symantec found that despite a 14 per cent decrease in malicious e-mails, and 20 per cent fewer targets, highly targeted spear-phishing attacks rose by eight in 2014.
In the UAE alone, targeted attacks rose 400 per cent in 2014, from less than one per cent of the global total, to almost five per cent. Furthermore, the average response time from companies increased from five days in 2013, to 59 days in 2014. These findings confirm increasing intelligence of cybercriminals, and the difficulty faced by organisations to effectively protect their data against such sophisticated attacks. Cybercriminals continue to improve their attack strategies by acquiring new techniques to avoid detection, and using corporate infrastructures to help breach security. These advancements in their methods have led to an increased number of attacks on larger organisations. According to Symantec, five out of six large companies were attacked by skilled hackers in 2014, representing an increase of 40 percent from 2013.
According to experts at Condo Protego, the threat of cyberattacks is now even larger than ever, as Internet of Things developments emerge amid regional smart city initiatives. The increasing quantity and value of data being generated is being recognised by cyber criminals, further putting organisations in the region at risk.
- issacjohn@khaleejtimes.com