Latest news with #StateoftheUAECybersecurityReport2025

GISEC Global 2025 Reveals $12B Cyber Losses in Banking

TECHx

10-05-2025

Business
TECHx

GISEC Global 2025 Reveals $12B Cyber Losses in Banking

Home » GISEC » GISEC 2025 » GISEC Global 2025 Reveals $12B Cyber Losses in Banking GISEC Global 2025 spotlights rising ransomware threats as UAE banks enhance cybersecurity, adopt AI tools, and call for global security frameworks. As major Middle Eastern economies continue to grow rapidly, the region is facing an increased risk of cyber and ransomware attacks. The State of the UAE Cybersecurity Report 2025 reveals that 21% of incidents targeted banks and financial services, underlining the urgent need to reduce risk and enhance digital infrastructure. On Thursday, cybersecurity took center stage at the Dubai World Trade Centre. Industry professionals and global experts gathered to address cyber threats facing the financial sector. The event highlighted the importance of resilience as businesses manage sensitive data and digital assets. According to the IMF Global Financial Stability Report, nearly one-fifth of reported cyber incidents over the past two decades resulted in $12 billion in losses for financial institutions. Since 2020, total losses reached an estimated $2.5 billion. In the UAE, ransomware attacks surged by 32% in 2024 compared to the previous year. These figures, from the UAE Cybersecurity Council, demonstrate the evolving threat landscape. At GISEC Global 2025, discussions explored how banks are preparing to tackle risks while innovating securely. Speakers focused on balancing compliance, digital transformation, and customer data protection. Huawei's Babar Haq, CTO for IT in the Middle East and Central Asia, said cybersecurity must be embedded into every layer of technology. He emphasized that aligning innovation with regulation is key to building secure systems. Artificial intelligence is playing a growing role in cybersecurity. However, it also presents new challenges. A recent survey shows 80% of bank cybersecurity leaders feel pressure to keep pace with AI-driven threats. Toufic Derbass, Managing Director for Kaspersky in the Middle East, Türkiye, and Africa, said AI is now used to create more targeted and believable attacks. He noted that although overall threats dropped by 16%, banking malware cases rose by 11%. To mitigate risk, banks are now using: AI-powered detection tools Biometric verification and behavioral analytics Derbass added that layered defenses and trained staff remain essential. Best practices such as multi-factor authentication, regular updates, and secondary confirmation for sensitive requests are critical in preventing fraud. Zero Trust and cloud-based solutions are among the tools gaining traction to prevent attacks. With a 65% rise in ransomware attacks targeting finance in 2024, Derbass stressed the need for multi-layered, next-generation security models. He pointed to the rise of targeted ransomware groups focused on specific institutions. These attacks are more deliberate and damaging, requiring banks to adopt frameworks that support global operations and compliance. He said cross-border expansion demands adaptable security strategies. Threats remain constant, so banks must invest in real-time intelligence, global standards, and collaborative defense mechanisms. GISEC Global 2025 was organized by Dubai World Trade Centre and hosted by the UAE Cybersecurity Council. The event was held under the theme 'Securing an AI-Powered Future.' Key supporters included Dubai Electronic Security Center (DESC), the UAE Ministry of Interior, and Dubai Police. Huawei was named the Lead Strategic Partner. The 14th edition of the event featured major names in cybersecurity, such as AWS, Microsoft, Google Cloud Security, CISCO, Deloitte, Kaspersky, and Honeywell. It also showcased companies like Spire Solutions, CPX, CyberKnight, OPSWAT, Qualys, CrowdStrike, and StrikeReady. GISEC Global will return for its 15th edition from 5–7 May 2026 at Dubai Exhibition Centre in Expo City.

Mid East Info

09-05-2025

Business
Mid East Info

GISEC Global 2025 Drives Cybersecurity Innovation as Middle East Banks Face Rising Cyber Threats - Middle East Business News and Information

The Middle East and Africa's largest cybersecurity event serves as a critical platform to explore ideas for advanced security infrastructure and coordinated defence strategies Dubai, United Arab Emirates, May 2025: As the Middle East's major economies continue their accelerated growth, the region is increasingly becoming a prime target for cyber and ransomware attacks. According to the State of the UAE Cybersecurity Report 2025, 21 per cent of cybersecurity incidents targeted banks and financial services in the region, emphasising the urgent need to mitigate potential risks and damages, while enhancing digital infrastructure. On Thursday, the event placed the focus on the financial sector as global industry leaders and professionals gathered at the Dubai World Trade Centre to drive discussions that help mitigate these challenges and avoid far-reaching consequences. GISEC Global's panel discussions and workshops came at a critical time in the ever-growing wave of digitalisation, with banks and businesses managing large quantities of sensitive information, including data, personal details and transaction records. Nearly one-fifth of reported cyber incidents caused USD $12 billion in losses to financial businesses in the past 20 years, according to the IMF Global Financial Stability Report. The same report shows total losses since 2020 amounted to an estimated $2.5 billion. Ransomware attacks in the UAE increased by 32 per cent in 2024 compared to the previous year, as per statistics from the UAE Cybersecurity Council. With cybersecurity businesses accelerating their efforts to safeguard against breaches, fraud and hacking, GISEC Global explored key topics including the resilience and preparedness of banking organisations to deal with threats, and balancing security and innovation given the rise of digital payments. 'Balancing between compliance and innovation in banking and finance' As more people shift to digital payments and open banking gains traction, top CISOs discussed how fintechs are adopting robust security measures to navigate the payments landscape. Babar Haq, CTO, IT at Huawei Middle East & Central Asia, stressed different teams need to come together to get a holistic overview – one balanced between innovation and regulation – to build secure systems. He said: 'The challenge is banks want to secure and protect customers' data but at the same time there are regulations that need to be followed. Therefore, there needs to be a balance between compliance, innovation and security and I believe the only way to do that is by design – basing cybersecurity on each and every corner of technology.' AI has bigger role in cybersecurity but is also benefitting hackers: With the advent of AI unleashing big winds of change, impacting a wide range of industries, a survey shows that 80 per cent of bank cybersecurity executives feel challenged in keeping up with AI-driven threats. Toufic Derbass, Managing Director for the Middle East, Türkiye and Africa at Kaspersky, one of the exhibitors at GISEC Global, said AI brings both opportunities and obstacles that banks and financial institutions should be wary of. He said: 'AI-generated threats are becoming increasingly believable, targeted and sophisticated. Cybercriminals are now using artificial intelligence to craft more convincing attacks, making it harder for traditional defences to keep up. 'While Kaspersky recently reported a 16 per cent drop in overall cyber threats, incidents involving banking malware actually rose by 11 per cent – a stark reminder that threat actors are evolving their tactics, not retreating. 'To stay ahead, financial institutions are turning to AI-powered detection tools and strengthening employee training to reduce human error, still one of the most common points of entry.' He added: 'As generative AI makes scams more convincing, banks must strengthen verification using tools like biometrics, behavioural analytics and real-time document checks. But tech alone isn't enough. A layered approach – combining smart tech with trained staff – is key. Best practices like multi-factor authentication, regular software updates and verifying sensitive requests via secondary channels also play a crucial role in preventing AI-driven fraud.' Are resilient technologies the solution, or are comprehensive frameworks needed? Security tools such as Zero Trust and Cloud Security are among the popular models being leveraged to help businesses protect their data and prevent cyberattacks. With ransomware attacks in the financial sector surging – up by 65 per cent in 2024 – Derbass says businesses need to think outside the box and 'adopt multi-layered, next-generation security solutions'. He said: 'An increasingly important threat related to ransomware that we're seeing is the rise of targeted ransomware groups. Unlike common ransomware attacks, which target victims arbitrarily, targeted ransomware groups are notorious for attacking governments, specific high-profile organisations, or a selective group of people within an organisation.' 'As Middle Eastern banks expand globally, their cybersecurity strategies must adapt to cross-border regulations, varying compliance standards and a broader threat landscape. Since the internet has no borders, cyberthreats will persist and evolve across jurisdictions,' he added. 'To stay protected, banks need globally aligned security frameworks, real-time threat intelligence sharing and compliance teams familiar with international regulations. Flexibility, visibility and collaboration are key to securing operations at scale.' Organised by Dubai World Trade Centre, GISEC Global 2025 was hosted by the UAE Cybersecurity Council under the theme of 'Securing an AI-Powered Future' and supported by Dubai Electronic Security Center (DESC), the UAE Ministry of Interior and Dubai Police. Huawei has been named as GISEC's Lead Strategic Partner. The 14th edition brought together critical focus areas from some of the leading players in the industry, including Huawei, AWS, Microsoft, Google Cloud Security, CISCO, Deloitte, Kaspersky, Check Point, Cloudflare and Honeywell, alongside groundbreaking cybersecurity companies such as Spire Solutions, CPX, CyberKnight, LinkShadow, OPSWAT, Qualys, CrowdStrike and StrikeReady. GISEC Global will return for its 15th edition next year at a new venue, Dubai Exhibition Centre at Expo City, from 5-7 May 2026. About GISEC Global: GISEC Global , Middle East & Africa's largest and most impactful cybersecurity event, will return to Dubai World Trade Centre for its 14th edition taking place from 6th to 8th May 2025, under the overarching theme of 'Securing an AI-Powered Future.' Following the monumental success of 2024, the super-connector event for the region's cybersecurity industry will bring together over 25,000 attendees, 750 exhibiting brands and 350-plus speakers hailing from over 160 countries. GISEC Global stands as the unrivalled platform for navigating the ever-evolving landscape of cybersecurity. About Dubai World Trade Centre: With a vision to make Dubai the world's leading destination for all major exhibitions, conferences and events, DWTC has evolved from being the regional forerunner of the fast-growing MICE industry into a multi-dimensional business catalyst, focusing on Venues, Events and Real Estate Management. Complementary to the primary service offerings are a range of value-added services from media/advertising, engineering and technical consultation and wedding planning, security, and hospitality.

Cybersecurity Report 2025 highlights UAE's forward-thinking strategies

Al Etihad

12-03-2025

Business
Al Etihad

Cybersecurity Report 2025 highlights UAE's forward-thinking strategies

9 Mar 2025 23:32 SARA ALZAABI (ABU DHABI)The "State of the UAE Cybersecurity Report 2025", released by the UAE Cyber Security Council and CPX, a leading provider of end-to-end cyber and physical security solutions and services, stressed that cybersecurity is critical for safeguarding national security, economic stability, and digital to the report, cyber threats have been magnified with the adoption of advanced technologies, with a 58% increase in active ransomware groups as of report also notes a surge of infostealer malware, with RedLine Stealer accounting for 69.9% of infections in the UAE, while MetaStealer accounted for 13.1%, Lumma Stealer for 12.6%, and Vidar for 4.4%.The report indicates that the number of Distributed Denial of Service (DDoS) attacks is really reduced and serves as a hallmark success of the UAE's cybersecurity UAE witnessed a total of 2,301 DDoS attacks in the first half of 2024, marking a 96.09% decrease compared to previous years, the report peak bandwidth of these attacks has also fallen by 67.7% from 266.9 Gbps to 85.92 Gbps, another noticeable advancement in the progress of the UAE cybersecurity Mohamed Al Kuwaiti, Head of Cybersecurity for the UAE Government, said in the report: "The UAE has long recognised the critical role of cybersecurity in safeguarding our national security, economic stability and digital future. Through proactive measures, such as the establishment of the National Cybersecurity Strategy and key partnerships with international stakeholders, we have laid a strong foundation for a safer digital ecosystem. 2024 was a milestone year for the UAE as we ranked at the top of the 'Pioneering Model' category in the Global Cybersecurity Index (GCI). This recognition is a testament to our forward-thinking strategies, robust policies, and the collaboration of both the public and private sectors in protecting our digital infrastructure."Hadi Anwar, Chief Executive Officer of CPX, said in the report: "This report offers a comprehensive view of the UAE's cybersecurity landscape. It delves into the strategies, policies, and innovations shaping the nation's digital transformation while addressing the complexities of protecting critical infrastructure and sensitive data. The UAE's remarkable progress in cybersecurity reflects a commitment to creating a secure environment where digital advancements and national resilience go hand in hand." The report also highlighted the need for AI governance frameworks toward ethical AI use, enhanced cybersecurity across multiple sectors, as well as cybersecurity audits for compliance with global standards.

Gulf Insider

27-02-2025

Business
Gulf Insider

UAE Cyber Report: 223,000+ Assets Still Exposed.

There is a critical need for advanced cybersecurity measures in the UAE to meet the challenges of increasing complexity and sophistication of cyberattacks, a report said. Over 223,800 assets hosted within the UAE are potentially exposed to cyberattacks, with half of the critical vulnerabilities remaining unaddressed for over five years. 'This exposure, coupled with the surge in advanced cyberattacks, underscores the absolute necessity of robust cyber defenses in a region that is at the forefront of AI-driven technological innovation and geopolitical significance, the latest report by the UAE Cyber Security Council and CPX, a leading provider of end-to-end cyber and physical security solutions and services, said. The report, titled 'State of the UAE Cybersecurity Report 2025', offered an in-depth analysis of the country's rapidly evolving cyber threat landscape. The report also examined key trends shaping the current cybersecurity challenges, including misconfiguration, which represents 32 per cent of the cyber incidents, followed by improper usage and unlawful activity at 19 per cent. The government, finance, and energy sectors are the most targeted by cyber threat actors, it said. In 2024, drive-by downloads remained a prevalent method for initial entry vectors used by threat actors, with phishing and web server compromises also of concern, the report said, adding that these methods are becoming more sophisticated with the integration of AI tools, enhancing social engineering efforts, phishing lures, and the deployment of deepfake technology to deceive victims. The trend is compounded by the financial repercussions of data breaches, with the Middle East, including the UAE, recording the second-highest data breach costs globally, the report said. It said e-crime also remains a significant threat, with the number of ransomware groups operating in the UAE witnessing 58 per cent growth. On a positive note, from the first half of 2023 to the first half of 2024, the UAE experienced a drastic decrease in distributed denial of service (DDoS) attacks from 58,538 to just 2,301, it said. Dr. Mohamed Al Kuwaiti, Head of Cyber Security for the UAE Government, said the rise in AI-driven attacks and widening cyber capabilities demand stricter vigilance to secure the future. 'The path forward requires international collaboration, innovation, and commitment,' he said, adding that 'together, we will continue building a secure and prosperous digital UAE, where innovation flourishes, opportunities thrive, and our systems remain resilient in the face of any challenge.' Hadi Anwar, Chief Executive Officer, CPX, said the latest cybersecurity report delves into the strategies, policies, and innovations that are shaping the UAE's digital transformation, while addressing the complexities of protecting critical infrastructure and sensitive data. 'The country's remarkable progress in cybersecurity reflects a commitment to creating a secure environment where digital advancements and national resilience go hand in hand,' Anwar said. Compiled by CPX's team of cybersecurity experts, the report acts as a strategic guide for government entities, businesses, and individuals, providing actionable insights to navigate the complexities of a new AI era. Also Read: UAE Savings Scheme Offers Workers Alternative End of Service Benefits and Investment Opportunities

UAE Cyber Security Council and CPX Unveil Cybersecurity Report 2025, Highlighting Urgent Need for Stronger Cyber Defenses

Web Release

25-02-2025

Business
Web Release

UAE Cyber Security Council and CPX Unveil Cybersecurity Report 2025, Highlighting Urgent Need for Stronger Cyber Defenses

The UAE Cyber Security Council and CPX, a leading provider of end-to-end cyber and physical security solutions and services, today announced the release of the 'State of the UAE Cybersecurity Report 2025'. The document offers an in-depth analysis of the UAE's rapidly evolving cyber threat landscape, emphasizing the critical need for advanced cybersecurity measures in response to the increasing complexity and sophistication of cyber-attacks. Highlighting the urgency of the situation, the attack surface continues to increase. Over 223,800 assets hosted within the UAE are potentially exposed to cyber-attacks, with half of the critical vulnerabilities remaining unaddressed for over five years. This exposure, coupled with the surge in advanced cyber-attacks, underscores the absolute necessity of robust cyber defenses in a region that is at the forefront of AI-driven technological innovation and geopolitical significance. The report examines key trends shaping the current cybersecurity challenges, including misconfiguration, which represents 32% of the cyber incidents, followed by improper usage and unlawful activity at 19%. The government, finance, and energy sectors are the most targeted by cyber threat actors. In 2024, drive-by downloads remained a prevalent method for initial entry vectors used by threat actors, with phishing and web server compromises also of concern. These methods are becoming more sophisticated with the integration of AI tools, enhancing social engineering efforts, phishing lures, and the deployment of deepfake technology to deceive victims. The trend is compounded by the financial repercussions of data breaches, with the Middle East, including the UAE, recording the second-highest data breach costs globally, reflecting the economic targets of cyber threat actors against the backdrop of Gulf prosperity. eCrime also remains a significant threat, with the number of ransomware groups operating in the UAE witnessing 58% growth. On a positive note, from the first half of 2023 to the first half of 2024, the UAE experienced a drastic decrease in distributed denial of service (DDoS) attacks from 58,538 to just 2,301. H.E. Dr. Mohamed Al Kuwaiti, Head of Cyber Security for the UAE Government, said: 'As we stand on the cusp of a new era powered by emerging technologies, the rise in AI-driven attacks and widening cyber capabilities demand stricter vigilance to secure the future. The path forward requires international collaboration, innovation, and commitment. Together, we will continue building a secure and prosperous digital UAE, where innovation flourishes, opportunities thrive, and our systems remain resilient in the face of any challenge.' Hadi Anwar, Chief Executive Officer, CPX, added: 'The latest cybersecurity report delves into the strategies, policies, and innovations that are shaping the UAE's digital transformation while addressing the complexities of protecting critical infrastructure and sensitive data. The country's remarkable progress in cybersecurity reflects a commitment to creating a secure environment where digital advancements and national resilience go hand in hand.' The report also provides an overview of the unique cybersecurity challenges faced by the UAE, including a surge in AI-powered threats, the sophisticated tactics of cybercriminals, and advanced persistent threats (APTs), where state-sponsored actors integrate AI into their attack frameworks. The document emphasizes the need to enhance the country's defense capabilities and foster a culture of cybersecurity awareness across all sectors. Compiled by CPX's team of cybersecurity experts, the report acts as a strategic guide for government entities, businesses, and individuals, providing actionable insights to navigate the complexities of a new AI era. Key best practices to mitigate cyber risks highlighted in the document include: · Launch cybersecurity awareness and education initiatives: Crucial for educating government employees, businesses, and the general public about cybersecurity best practices · Run regular cybersecurity audits and compliance checks: Key to maintaining the integrity of critical infrastructure and essential services in the UAE in line with international standards · Create an asset inventory: Essential for identifying network anomalies and threats missed by traditional defenses · Set up a 24/7 Security Operations Center (SOC): A proactive approach to continuous monitoring and analysis of the organization's security posture · Implement Endpoint Detection & Response (EDR): Vital for enabling security analysts or threat hunters to identify compromises effectively and maintain historical process execution records · Establish a robust cyber threat intelligence function: Important for delivering critical insights on new and emerging risks to facilitate real-time adjustments to security postures, enhancing overall resilience · Develop AI governance frameworks: A cornerstone of ensuring safe and ethical use of AI within the organization As the UAE continues to lead in digital transformation, addressing cybersecurity challenges requires a concerted effort from government agencies, private sector entities, and individuals to ensure the resilience and security of the nation's digital landscape. To access the full 'State of the UAE Cybersecurity Report 2025' and to explore detailed strategic recommendations for enhancing cybersecurity, please visit this link.