According to Cisco’s 2025 Cybersecurity Readiness Index, despite leading globally in the adoption of AI-powered cybersecurity, the UAE’s corporate sector faces critical vulnerabilities stemming from talent shortages and fragmented security systems.
The paradox: 96% of UAE organizations use AI for threat intelligence, and 93% for threat detection, yet only 30% are classified as having mature cybersecurity readiness.
The findings, based on a survey of 202 UAE firms, highlight an urgent disconnect between tech adoption and operational execution.
Key Cyber Risks Facing UAE Firms
Cisco’s survey revealed several vulnerabilities putting even AI-equipped companies at risk:
- 87% report cybersecurity talent shortages, with over half facing 10+ vacant positions.
- 93% experienced AI-related security incidents in the past year.
- 55% suffered a cyberattack, with malware (76%), phishing (59%), and data breaches (47%) most common.
Additionally, generative AI tools are emerging as a blind spot:
- 54% of IT teams are unaware of employee use of genAI tools.
- 20% of staff have unrestricted access to public AI platforms.
- 33% of organizations struggle to detect “shadow AI”, posing serious data privacy and compliance risks.
Fragmented Security Architecture Impedes Response
While AI tools are widely deployed, complex and disconnected security systems are hampering effective threat mitigation:
- 81% of UAE firms run 10 or more point security solutions, which often slow down incident response and add system complexity.
- Only 9% of organizations are allocating more than 20% of their IT budgets to cybersecurity, despite 98% planning overall infrastructure upgrades.
Hybrid work continues to challenge security models, with 88% of organizations citing increased risks from personal device usage and unapproved AI tools.
