UAE Government leapfrogs Europe in Cybersecurity preparedness
Private sector faces urgent business case to match Federal standards
The UAE government has leapfrogged European countries in cybersecurity preparedness, protecting the country's critical national infrastructure in the face of growing cyber threats, industry experts have said.
In the United Nations International Telecommunications Union's most recent "Global Cybersecurity Index", the UAE ranks 17th in the world, outpacing countries such as Greece, Ireland, and Portugal. The index measures cybersecurity aspects such as legislation, regulation and compliance, capacity building, and international cooperation.
"The UAEs' impressive ranking demonstrates the effectiveness of the National Electronic Security Authority's cybersecurity outreach, and that the UAE government is one of the most innovative countries in the world in prioritising cybersecurity," said Savitha Bhaskar, COO at IT consultancy and cybersecurity experts Condo Protego.
Worldwide, 83% of large companies were targeted with spear-phishing attacks, 60% of targeted attacks striking small- and medium-sized organisations, while malware and ransomware attacks continue to grow, according to Symantec's most recent "Internet Security Threat Report".
Confronting an increasing number of increasingly complex cybersecurity attacks, in 2014, the UAE National Electronic Security Authority (NESA) announced the National Cyber Security Programme, which requires government agencies to report on their cybersecurity infrastructure, as part of creating a secure national digital environment.
As part of the programme, NESA can also audit government agencies' cybersecurity systems, commission cybersecurity tests, and intervene to strengthen systems.
The UAE's private sector organisations must catch up to federal standards, argued Condo Protego. The European Union, for example, recently required ISPs, online retailers and search engines to declare cybersecurity breaches, Condo Protego stated.
"There's a strong business case to be made that UAE private sector organisations cannot wait until they have been breached to deploy cybersecurity solutions. Rather, they face an urgency to follow government guidelines, similar to how UAE banks follow international banking guidelines. Private sector companies large and small need to be more transparent in protecting their ICT infrastructure and vital customer data," added Bhaskar.