The UAE is leading the charge in the Middle East around advanced government action to change the nation to a culture of security and protection, according to US-based cybersecurity company SecureWorks’ chief executive officer Wendy Thomas.
However, is a target for “criminal threat actor groups and hostile state actors,” with 20 percent of successful attack being “phishing related”, Thomas said in an exclusive interview with Arabian Business.
UAE as a high-tech and wealthy country
“The UAE is a very high-tech, wealthy and strategically positioned country in the region, unfortunately it is also a target for both criminal threat actor groups and hostile state actors like, and we have this year seen an acceleration of attacks in the region and in the country,” Thomas said.
“Here in the UAE, we see about 20 percent of the successful attacks are phishing related,” she added, explaining that banking, manufacturing, and healthcare organisations are the most likely to reach out for help in the event of a cyber incident, however, the most prized targets in the region are government, hospitality, and transportation organisations.
The root cause of the majority of attacks in the UAE being successful are a result of exploiting unpatched software vulnerabilities. This is a global trend where software vulnerabilities are increasing and being weaponised, SecureWorks’ Thomas said.
The cost of a cyber attack to an organisation includes the potential inability to operate, the cost of brand reputation to customers, and the cost to remediate the attack.
This is why businesses must work with a security partner to prioritise which vulnerabilities pose the biggest risk to their systems and data, and to focus on patching those weaknesses.
In addition, Thomas said that companies in the UAE must practice good “cybersecurity hygiene.”
“One of the most important things that that team teammates of a company can do have hard passwords. And I always say please don’t use your children or your pets names that you want. You want the difficult passwords.” she explained.
In addition, she said: “Don’t use the same password for your work as you do for any personal especially a banking account. So have a diversity of hard passwords. You can use a password keeper to keep track of all of those and your phone these days can keep track of those. It is such a preventative measure.”
SecureWork’s Thomas also recommended using multi-factor authentication whilst using your mobile or computer.
“It just means that when you log into something sensitive, like your banking application, you have an alternative place where you confirm or provide a code into that login to just confirm that it truly is you that the password hasn’t been compromised by someone else,” she said.
When it comes to combatting cybersecurity in business “the biggest, most important two things they can do provide basic training around cybersecurity awareness and have a program to prioritise patching the most exploited software vulnerabilities in your software environment,” she concluded.
Follow us on
