UAE is one of the most vulnerable targets for cybercriminals, says KPMG

By Team Feedbaac

Get your personal computers protected as an analytical report from KPMG suggests that the UAE is one of the top targets for cybercriminals with respect to financial services, oil/gas, technology, government, retail, construction, and healthcare online services.

KMPG has noticed that there are no proper sources to monitor the growing IT security issues in the UAE, so they have created a “cyber incident response” that aims on technical surveys, best action results that can help organizations to be ready for such events in the case of cyber-attacks. KMPG can help to determine the source of the attack, the method used, and the impact of the attack. This will help companies to avoid and resist such incidents to protect their sensitive information.

Over 60% of survey indicates that most lacked the skills and technology to handle cyber-attacks.

Press Release

One-third of UAE firms surveyed have reported cyber security breaches in the past 12 months – 2015 KPMG UAE Cyber Security Survey


  • 60% of survey respondents felt that they lacked sufficient skills and technology to manage cyber attacks
  • 50% of respondents said that they have cyber-attack contingency arrangements in place
  • 33% of survey respondents felt that cyber security is a growing threat for their organisation

Dubai, 20 December 2015: Cyber security is becoming an increasing challenge for firms in the UAE and organisations need to be better prepared to ward off attacks, a KPMG 2015 UAE Cyber Security Survey has found.

The survey focused on UAE organisations’ readiness and ability to respond to cyber-attacks and assessed responses from key sectors in the UAE over a period of two months.

 A third of respondents who participated in the survey indicated that they had been hacked in the past 12 months and took between two weeks to a month to recover. Over half of the respondents that had been hacked didn’t know that they were being targeted by cyber criminals. Furthermore, only 50% of respondents said that they had cyber-attack contingency arrangements in place.

 Nitin Khanapurkar, partner KPMG Lower Gulf said: “The UAE is on the list of the top 10 destinations targeted by cyber criminals and it comes as no surprise that cyber threats have been growing across key sectors like financial services, oil & gas, technology, government, retail, construction and healthcare.

 “The objective of the 2015 KPMG Cyber Security Survey was to assess UAE organisations’ readiness and ability to respond to cyber security threats and the survey has thrown up some interesting insights.”

 Many boards in the UAE do not have a comprehensive or accurate view of their cyber risks because threat intelligence and cyber monitoring have often been inconsistently implemented.

 The survey also found that more UAE organisations need to better understand their threat profiles – including who, where and why they are likely to be targeted.

 To respond to these growing threats, KPMG has created a ‘cyber incident response’ that focuses on actionable results, rules of evidence, with technical security analysis and testing to help organisations stay prepared to deal with a cyber-attack.

 During this phase, KPMG helps determine the source, method, and impact of a breach, while working with organisations to limit ongoing damage. This is typically a balancing act between investigating and eradicating the threat. Responses can range from allowing the malicious actions to continue in order to facilitate evidence-gathering to an immediate suppression of malicious actions in order to limit damage.

 Khanapurkar said: “One of the most common causes of a failed response is lack of adequate preparation. KPMG can help assist organisations with establishing clear lines of communication, policies and procedures and rules of engagement, in order to set the groundwork for a successful response if, or when, an incident occurs. On a parallel track, our teams work continuously to keep current on the latest technical methods, tools, and certifications for incident response.”