Half of organisations faced cyberattacks blocking data access

Nearly half (45%) of UAE organisations experienced a cyberattack or data access incident last year, as revealed by the 2023 Dell Technologies Global Data Protection Index, which surveyed 1,000 IT and 500 IT security decision-makers.

The report highlights frequent IT disruptions, with 90% in EMEA facing such issues in 2023. In the UAE, external security breaches, including spam, phishing, compromised credentials, and hacked devices, were the primary causes of data loss and downtime, affecting 33% of organisations.

The survey also noted significant financial implications, with disruptions leading to an average cost of $2.61 million, 26 hours of downtime, and 2.45TB of data loss in 2023. Cyberattack-related costs more than doubled from $0.66 million in 2022 to $1.41 million in 2023.

On the topic of generative AI (GenAI) in cybersecurity, 65% of UAE respondents believe integrating GenAI will enhance their cybersecurity stance. Despite its potential benefits, 88% anticipate GenAI will introduce large data volumes, and 92% think it will increase the value of certain data types, underscoring GenAI's complexity and dual-use nature in cybersecurity.

“As UAE businesses embrace multi-cloud solutions, hybrid working models and explorations into generative AI, the task of securing digital assets remains even more intricate. In today’s business landscape that is persistently threatened by cyberattacks, IT decision makers must look to implement measures that enhance the resilience of their operations,” said Walid Yehia, Managing Director - UAE, Dell Technologies.

The survey indicates a notable overconfidence among respondents regarding the outcomes of ransomware attacks. 87% are confident that paying a ransom would result in the full recovery of their data, and 80% believe that payment would prevent future attacks.

In the UAE, virtually all (99%) respondents mentioned their organisations have ransomware insurance policies. However, only 6% of those affected by attacks reported full reimbursement through their policies. The survey also highlights the stringent conditions of ransomware policies; 59% of respondents indicated that their organisations must demonstrate 'best practice' in cyber threat prevention to qualify for claims. Additionally, 37% mentioned that their policies have limits on claim payouts, and 44% noted that certain scenarios could nullify their policy.