Nearly half (45%) of organizations in the UAE suffered a cyberattack or incident that prevented access to data last year, according to the 2023 Dell Technologies Global Data Protection Index survey of 1,000 IT decision makers (ITDMs) and 500 IT security decision makers.
Respondents report that IT disruption is commonplace, with the vast majority (90%) across EMEA saying their organizations experienced some form of IT disruption in 2023. In the UAE, external security breaches were the most cited (33%) cause of data loss and/or systems downtime within organizations. Over half (55%) of those who experienced a cyberattack event said attackers’ first point of entry was external – users clicking on spam or phishing emails and malicious links, compromised user credentials and hacked mobile devices.
Looking to the implications, respondents said that disruptions that include data loss cost an average of USD $2.61 million in 2023, accounted for an average of 26 hours of unplanned downtime and resulted in an average of 2.45TB worth of data loss. Costs associated with cyberattacks and related incidents have also doubled, up from USD $0.66 million in 2022 to USD $1.41 million in 2023.
Generative AI and cybersecurity
Generative AI (GenAI) is emerging as a strategic tool for bolstering defences, with 65% of those surveyed in the UAE saying that integrating GenAI will provide an advantage to their organization’s cybersecurity posture. However, showing the dual nature of GenAI as both a defensive asset and a source of complexity, 88% also agreed that the adoption of GenAI will generate large volumes of new data. The same percentage in the UAE (92%) agreed that GenAI will amplify the value of specific data types.
“As UAE businesses embrace multi-cloud solutions, hybrid working models and explorations into generative AI, the task of securing digital assets remains even more intricate. In today’s business landscape that is persistently threatened by cyberattacks, IT decision makers must look to implement measures that enhance the resilience of their operations,” said Walid Yehia, Managing Director – UAE, Dell Technologies.
Looking to ransomware attacks, responses suggest an over-confidence surrounding the consequences of a breach. 87% believe that if their organizations experience an attack, they would get all of their data back if they paid the ransom and 80% believe that once they pay the ransom, they won’t be attacked again.
Almost all respondents from the UAE (99%) stated that their organizations have ransomware insurance policies but only 6% of those who experienced an attack said their organizations were fully reimbursed through the policy. Survey responses also suggest ransomware policies are heavily caveated. 59% said their organization had to prove ‘best practice’ cyber threat prevention, 37% said their policy limited claim pay-outs and 44% said particular scenarios voided their policy.