One-third of UAE firms surveyed have reported cyber security breaches in the past 12 months – 2015 KPMG UAE Cyber Security Survey
Dubai, December 2015: Cyber security is becoming an increasing challenge for firms in the UAE and organizations need to be better prepared to ward off attacks, a KPMG 2015 UAE Cyber Security Survey has found. The survey focused on UAE organizations’ readiness and ability to respond to cyber attacks and assessed responses from key sectors in the UAE over a period of two months.
A third of respondents who participated in the survey indicated that they had been hacked in the past 12 months and took between two weeks to a month to recover. Over half of the respondents that had been hacked didn’t know that they were being targeted by cyber criminals. Furthermore, only 50% of respondents said that they had cyber attack contingency arrangements in place.
Nitin Khanapurkar, partner KPMG Lower Gulf said: “The UAE is on the list of the top 10 destinations targeted by cyber criminals and it comes as no surprise that cyber threats have been growing across key sectors like financial services, oil & gas, technology, government, retail, construction and healthcare. “The objective of the 2015 KPMG Cyber Security Survey was to assess UAE organizations’ readiness and ability to respond to cyber security threats and the survey has thrown up some interesting insights.”
Many boards in the UAE do not have a comprehensive or accurate view of their cyber risks because threat intelligence and cyber monitoring have often been inconsistently implemented. The survey also found that more UAE organizations need to better understand their threat profiles – including who, where and why they are likely to be targeted.
To respond to these growing threats, KPMG has created a ‘cyber incident response’ that focuses on actionable results, rules of evidence, with technical security analysis and testing to help organizations stay prepared to deal with a cyber attack.
During this phase, KPMG helps determine the source, method, and impact of a breach, while working with organizations to limit ongoing damage. This is typically a balancing act between investigating and eradicating the threat. Responses can range from allowing the malicious actions to continue in order to facilitate evidence-gathering to an immediate suppression of malicious actions in order to limit damage.
Khanapurkar said: “One of the most common causes of a failed response is lack of adequate preparation. KPMG can help assist organizations with establishing clear lines of communication, policies and procedures and rules of engagement, in order to set the groundwork for a successful response if, or when, an incident occurs. On a parallel track, our teams work continuously to keep current on the latest technical methods, tools, and certifications for incident response.”
KPMG is a global network of professional firms providing Audit, Tax and Advisory services. We operate in 155 countries and have more than 174,000 people working in member firms around the world. The independent member firms of the KPMG network are affiliated with KPMG International Cooperative ("KPMG International"), a Swiss entity. Each KPMG firm is a legally distinct and separate entity and describes itself as such.
For media queries:
Communications Manager, Markets
T: +971 4 424 8906
M: +971 52 991 0159
© 2017 KPMG, KPMG LLP and KPMG Lower Gulf Limited, registered in the UAE and member firms of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.