The UAE’s fast-paced digital transformation is making it one of the region’s most targeted markets for cyberattacks, as organisations grapple with rising volumes of threats and increasingly complex data environments.
According to the UAE Cyber Security Council, the country faces more than 800,000 cyberattack attempts daily — a figure that continues to rise. From an industry perspective, the real number could be even higher. “If anything, the true volume is higher still… a figure that keeps climbing by the day,” said Yahya Kassab, Senior Director and GM for KSA and the Gulf at Commvault.
The scale of attacks reflects the UAE’s position as a digital frontrunner. Kassab said advanced economies tend to attract more threats, adding: “The countries that are most advanced in their digital transformation tend to attract the most attacks… and the UAE sits firmly in that category.”
This surge in cyber risk is reshaping how companies approach security, with a growing shift from prevention to recovery. “It is no longer a question of if you will be attacked. It is only a question of when,” Kassab said, highlighting the need for organisations to prepare for breach scenarios.
He added that even the strongest defences can fail, making resilience planning critical. “You can spend millions of dollars and still have someone compromise the environment. That is the moment your cyber resiliency plan has to take over,” he said.
Artificial intelligence is further amplifying both risks and opportunities in the UAE’s cybersecurity landscape. While AI is central to ongoing digital transformation, it is also lowering the barrier to entry for cybercriminals. “As much as AI makes it easier for us to do business… it also makes it easier for hackers to become hackers and to advance their capability,” Kassab said.
At the same time, AI-driven initiatives are fuelling an explosion in data volumes. With plans for up to half of government operations to run on agentic AI in the coming years, organisations face mounting challenges in managing and protecting increasingly complex datasets. “That means data becomes larger, higher in volume, and far more complex to manage,” he said, stressing the need for clear recovery and protection strategies.
This evolving data landscape is pushing businesses and government entities to adopt more structured resilience frameworks that go beyond traditional disaster recovery. Kassab pointed to the importance of embedding resilience across people, processes and technology, ensuring organisations can continuously test their environments and respond effectively to incidents.
“AI adoption will increase the complexity of data protection, there is no avoiding that, but with the right tools and the right architecture in place you can stay safe,” he said.
As cyber risks intensify, the focus in the UAE is increasingly shifting towards preparedness and rapid recovery — a trend likely to define the country’s cybersecurity strategy as digital ambitions accelerate.
