Business entities in the UAE have been advised to maintain updated systems, actively monitor for potential threats, and safeguard their data in light of the rising cyber threats. Notably, during the third quarter of 2023, 56 percent of businesses experienced a data breach. With over 83 million cyber threats detected and blocked in the UAE last year, the UAE Cyber Security Council has offered several quick tips to fortify digital spaces:
1. Stay protected: The Council highlighted that 56 percent of businesses faced a data breach in the third quarter of 2023. They urge businesses to activate their cyber operations center and promptly report any unusual activities targeting their sectors.
2. Enhance DDoS protection: It is strongly recommended to evaluate distributed denial-of-service (DDoS) protection from ISPs of security services and review the configuration of current services to ensure effectiveness.
3. Stay informed: Businesses should proactively monitor and assess cyber threat intelligence sources to analyze emerging and potential threats.
4. Update all software, operating systems, and security applications: Although these steps seem basic, they are often overlooked. Ensuring all updates are current ensures that programs receive the latest security patches.
5. Monitor traffic: Businesses are urged to use Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) to observe network data traffic and detect suspicious behavior promptly.
6. Be prepared: Developing a comprehensive cyber incident response plan that includes mechanisms for identifying, controlling, and mitigating the impact of incidents is also strongly advised.
7. Beware of phishing: Businesses are strongly urged to be vigilant towards unsolicited messages requesting personal or financial information. Phishing remains a significant threat, with 54 percent of individuals falling victim to phishing websites in the third quarter of 2023, and 19 percent targeted for social media scams.
8. Use strong passwords: It is highly recommended to enable two-factor authentication, adding an extra layer of protection to the login process by combining something known (like a password) with something possessed (like a one-time password) or something inherent (such as a biometric scan).
9. Keep backups: Business entities are urged to protect their important data by storing it on secure backup media. Harish Chib, vice president for the Middle East & Africa region at Sophos, recommends following the ‘3-2-1 Rule’ for backups: three copies, two different storage locations, and one offsite/offline.