A significant majority (69%) of UAE business leaders anticipate facing a cybersecurity incident within the next year, yet only 49% of organizations feel adequately prepared to handle such an event, according to a recent study.

Research conducted by Cloudflare, a leading connectivity cloud company, reveals that over half (52%) of UAE organizations have encountered at least one cybersecurity incident in the past year, with many experiencing multiple attacks. This figure is notably higher than in Europe, where 40% of organizations reported similar incidents. Among those attacked in the past year, 16% faced attacks on average every six to 11 days. Additionally, 63% of UAE organizations predict an increase in cyberattacks over the next 12 months.

The study, which surveyed nearly 1,000 business and technology leaders across the Middle East (330 from the UAE) as part of a broader research involving over 4,000 enterprises in 13 European markets, highlighted several key findings. Larger and medium-sized organizations were more prone to attacks compared to smaller ones. The sectors most affected in the UAE were financial services, media & telecoms, and manufacturing. Organizations that have faced frequent attacks are more vigilant, while those in sectors with fewer incidents, such as transport and education, are less prepared.

UAE’s media & telecoms, financial services, and travel and tourism industries are the sectors most likely to foresee an attack in the coming year. The most common types of cyberattacks faced by UAE businesses include web attacks (69%), phishing (47%), and insider threats/stolen credentials (36%), with malware being the top concern.

The lack of preparedness poses significant risks. Organizations that have experienced attacks in the past year estimate the financial impact to be at least $1 million, with 24% estimating losses of $2 million or more. The repercussions extend beyond financial losses; 40% of respondents have delayed growth plans post-attack, and 37% have laid off workers due to the economic fallout from cyberattacks.

Seventy-six percent of respondents anticipate an increase in their IT budgets allocated to cybersecurity over the next year, with most focusing on network investments. Secure Access Service Edge (SASE) is underutilized, with only 17% of respondents fully implementing this model. However, 70% are working with a single SASE vendor, which could simplify deployment.

Organizational leaders are optimistic about the potential of Zero Trust projects to enhance user experience and enable more cloud-native possibilities. Yet, 75% believe their leaders lack understanding of Zero Trust architecture, hindering its adoption in 55% of UAE organizations.

Bashar Bashaireh, RVP Middle East and Türkiye at Cloudflare, emphasized the need for a comprehensive 'Everywhere Security' approach, advocating for greater investment in consolidated solutions with an any-to-any cloud strategy to address the multifaceted threat environment. Zero Trust is seen as a critical component to bolster security preparedness.