29 Mar Nine Out Of 10 UAE Companies Experienced A Cyber Incident In The Past Two Years – Here’s How Founders Stay Safe
The UAE is in hacker crosshairs.
A report last month found that nine out of 10 (87%) of UAE companies experienced a cyber incident in the past two years. Worse, three in four don’t possess the right tools to spot breaches. These figures underscore a growing hacker interest in the region with the UAE government thwarting 50,000 cyberattacks every day.
This should sound alarm bells for startup founders and entrepreneurs. Armed with fewer resources than established organizations and government entities, they have less margin for cybersecurity error.
Therefore, it’s up to founders to be proactive and protect themselves. Let’s explore how they can stand up to bad actors by knowing the ecosystem, training the team, and securing the endpoints.
Know The Ecosystem
With great growth comes great responsibility. Following the pandemic, the UAE kicked off a decade-long strategy to double the size of its digital economy to almost 20 per cent of gross domestic product. Additionally, the government is keen to enhance the regional and global position of the UAE as a startup hub, which is good news for founders.
However, the UAE’s booming digital economy and greater use of data is a double-edged sword. These advancements make the country an “attractive” target for both cyber criminals and hostile states. Unfortunately, startups and founders are getting caught in this digital crossfire. As a result, most (66%) UAE companies fear data leaks and cloud attacks. The best way to stay secure is to deeply know your networks, connections, and platforms.
Begin by investigating your infrastructure: How big is the ecosystem? What’s on-prem vs in the cloud? Who’s connecting and how? Then, consider your protection. Where are the weaknesses? What can be done to strengthen the network? What lessons have you learned from previous security incidents?
Asking and answering these questions can go a long way to strengthening your ecosystem without breaking the bank. Consider that bigger organizations in the UAE and Saudi Arabia report losing $2M annually due to cloud breaches. A strong foundation is often the difference between a successful or thwarted attack (and a considerable bill).
Train The Team
Once the ecosystem is secure, founders must turn their focus to the team. Unfortunately, employees are often a source of hacking, with roughly two-thirds (64%) of all cyber incidents in the past two years caused by human error. Instead of risk, treat your team as a cybersecurity opportunity. Train them up and bring them on board as part of your startup’s front line of defence.
Show the team how to stay digitally hygienic, for example, by employing robust passwords and exercising caution with unfamiliar links. It sounds basic but many hacks start here. From downloading malware to visiting unsecured websites and using unauthorized systems to share data, employees often play right into the hands of hackers. And this doesn’t even cover the digital danger and waste of shadow IT, which is almost always caused by unassuming team members.
The good news is that many of these issues can be (and should be) mitigated with annual and ad hoc training programs for all staff. This requires very little budget and, once implemented, translates into an entire staff of IT allies. This is an especially important mindset for startups and small-to-medium-sized businesses (SMBs): we’re one team and one defence.
Secure The Endpoints
Finally, as teams go remote, it’s important to ensure secure access to employee- and corporate-owned devices. This is something that UAE businesses struggle with as one-quarter worry about the security of their connected endpoints. Protecting these endpoints demands a unified approach.
For founders and SMBs that lack the budget for hiring dedicated IT professionals, consider new security tools. Most endpoint security and attack detection platforms are managed by one administrator from a unified console. As a result, multiple tools in concert can offer safety and synthesis at a click.
For example, identity and access management solutions help verify identity using authentication processes like single-sign-on or multi-factor authentication. In tandem with zero trust networking, this provides a system that trusts no one, verifies the identity, and only then establishes a secure remote access connection. Backing this with a unified endpoint management solution and an endpoint protection platform, as well as extended detection and response tools, allows efficient security oversight.
Protect Today And Win Tomorrow
It’s important to stress that the cybersecurity future is bright. The UAE government is spearheading this digital evolution and actively tackling challenges as they arise. A good example is the Cyber Pulse Innovation Centre – a new center at Abu Dhabi Polytechnic that aims to produce the next generation of cyber professionals. This is in addition to curriculum changes that will bring cybersecurity concepts, keywords, and lessons into the classroom from kindergarten to grade 12.
The UAE has a strong crop of home-grown talent that understands the importance of digital safety. Likewise, companies – all the way from startups to corporations – recognize the problem. In the next 12 months, UAE IT and cybersecurity decision-makers in this survey say their focus is on data leakage, cloud attacks, and attacks through networked IoT.
The challenge for small teams and startups is to keep up with the pace of change. By prioritizing three strategies – understanding the ecosystem, empowering the team through training, and fortifying endpoints – founders can confidently navigate the digital battlefield.
Despite a rapidly evolving cybersecurity landscape, proactive measures today promise success tomorrow in the region’s leading hub.- Hexnode Founder and CEO Apu Pavithran.
