UAE firms still underprepared for AI-era threat: Just 30% of UAE organizations have reached either the “mature” or “progressive” stages of cybersecurity readiness, according to a press release citing Cisco’s 2025 Cybersecurity Readiness Index (pdf). This year’s figures mark a modest improvement over last year, but still far below what’s needed to counter more complex and AI-enhanced cyber threats.

55% of organizations fell victim to attacks in the past year, with malware, phishing, and data breaches remaining the most common threat types. More hybrid work environments do little to allay fears, with 88% of companies identifying unmanaged device usage as a key cybersecurity risk. While 93% of UAE respondents reported AI-related incidents, firms are still “critically exposed” by an awareness gap, Cisco said — only 62% of respondents think their employees know the associated risks.

Shadow AI and GenAI use are rising with little oversight, with around 45% of employees using authorized third-party GenAI tools and 54% of IT teams admit they don’t fully track how staff are engaging with these tools. Unauthorized AI deployments— or “shadow AI” — is creating serious concerns over data privacy and exposure to unapproved apps. On the flip side, 96% of UAE firms are already using AI to analyze cyber threats.

Cyber budgets remain constrained: 98% of UAE entities plan to modernize their IT infrastructure within the next one or two years, yet only 9% are committing more than a fifth of their IT budgets to cybersecurity. Meanwhile, 81% of firms say their current security setups are overly complex, hampering overall effectiveness. A shortage of skilled cybersecurity talent is another key obstacle for 87% of UAE firms.

Tags: