Press enter to see results or esc to cancel.

Cyber insurance: Risks and trends for UAE companies

Cybersecurity attacks are becoming more and more sophisticated. As digitization initiatives continue to expand, exposure to cyber-attacks increases with it. Businesses must ensure that their data, operations, and systems are protected from these threats. Cybersecurity continues to evolve as well, and what worked a few years ago might no longer work today. In this Pacific Prime Dubai article, we take a closer look at cyber insurance, including risks and trends for UAE companies.

Why UAE companies are investing in cybersecurity

The rapid growth of digital technologies has been the key factor in driving the cybersecurity market in the UAE. Since more confidential information is being stored digitally, organizations need cybersecurity safeguards to reduce risk.

The UAE experienced 23 million cases of malware and 1.1 million cases of phishing in the first three months of 2019 alone. Consequently, cybersecurity technology expenditure has risen dramatically in the UAE. In fact, the cybersecurity market in the Middle East and Africa is projected to reach USD $66.5 billion by 2025.

Saura Arabia, in particular, is looking to enhance its cybersecurity capabilities by getting its government agencies to legislate and enforce cybersecurity. The country is anticipated to receive sizable investments to enhance its cybersecurity framework.

Cyber risk management for UAE companies in 2020

In January 2020, the Dubai Financial Services Authority (DFSA) launched a platform to help organizations in the Dubai International Financial Center (DIFC) minimize cyber threats and damper their impact. A collaborative effort between several key UAE and foreign stakeholders, the Cyber Threat Intelligence Platform (CTIP) allows information to be shared between companies operating in the DIFC.

Moreover, it connects these regulated and non-regulated organizations with leading cybersecurity firms. This strategy emphasizes the UAE authorities’ growing efforts to address the increasing threat of cybersecurity attacks.

Why cybersecurity is a serious issue for regulated firms

At worst, cyber attacks can destroy a business or lead it to bankruptcy. Even though it’s common to view companies that have been cyber-attacked as victims, cyber attacks on regulated firms do more than just damage their reputation.

If there are failures, the regulator may call for an investigation or enforcement action. Additionally, firms may be required to notify regulatory bodies like the DIFC and DFSA Commission for Data Protection if a cyber breach occurs.

The introduction of the CTIP scheme presents an ideal opportunity for DFSA-regulated firms to evaluate their operational resilience and how well they can handle a cyber attack. These firms should be equipped with the right controls and systems in order to deal with any potential cyber attack. After all, a lack of operational resilience can be detrimental.

Best practices to raise an organization’s cyber safety

When it comes to cyber risk, operational resilience begins at the top of the organization with board buy-ins and human and financial resources. The board also needs to make sure that the company culture supports cyber resilience. DFSA-regulated firms are advised to address the following matters as soon as possible.

Board buy-in

  • Has the board allocated enough financial and human resources committed to cyber risk?
  • Is cyber risk a common topic of discussion at senior management or board meetings?
  • Is a committee or senior manager responsible for managing cyber risk?


  • Is the firm receiving expert guidance?
  • Does the firm’s IT function have sufficient resources or access to expert advice?

Evaluating vulnerabilities and security risks

  • Has an external audit of cyber-attack vulnerabilities been performed or have its systems been stress tested?
  • Are the firm’s software and hardware regularly updated?
  • Does the firm have cyber insurance or an insurance policy that covers cyber risk?


  • Have all staff been properly trained to identify and mitigate cyber risks?
  • Does the training match their role/level in the company?
  • Does the firm regularly raise awareness and inform employees of threats or risks?

Readiness for the worst-case scenario

To prepare for the worst, it’s important to know whether the firm has the following:

  • A detailed cybersecurity plan that outlines the response to a cyber attack
  • Performed a cyber attack simulation
  • A business continuity (BC) and disaster recovery (DR) plan to help business recovery as in the shortest amount of time
  • A secure backup of all its data that is regularly updated
  • An emergency contact list for experts such as legal advice and IT forensic service providers
  • Cyber insurance or an insurance plan that covers cyber risks

UAE cyber risk trends for 2020

Many of the global cybersecurity trends to know in 2020 also impact organizations in the UAE. Known instances include large data breaches or a popular communication app in Saudi Arabia and of a ride-sharing provider in the UAE. Moreover, there have been many unreported cybercrime cases against banks and financial institutions in the region.

The types of cyber risk that are most prominent in the UAE include:

  • Ransomware
  • Data breaches
  • Business email compromise scams

Similarly, the cyber risk trends affecting the UAE in 2020 include:

  • Technology improves cybercrime efficiency
  • Intensive networking increases risk throughout the supply chain
  • Increasing regulation globally
  • Growing demand for cyber insurance

As cyber threats and attacks continue to rise, the demand for cyber insurance will only increase in the UAE and across the globe. It’s crucial for companies to ensure their existing insurance policy protects their business from cyber attacks, or secure standalone cyber insurance if it doesn’t. Cyber insurance policies typically cover your companies’ liability for a data breach that involves sensitive customer information such as:

  • Health records
  • Credit card numbers
  • Social security numbers
  • Account numbers
  • Driver’s license numbers

While the cost of cyber insurance will vary depending on your policy and provider, Pacific Prime can make sure you’re getting the best insurance plan for your needs. Whether you’re looking for cyber insurance in the UAE or company insurance solutions, we are more than happy to help.

As a reputable insurance broker with more than two decades of experience in the industry, Pacific Prime Dubai makes sure you get the right plan for your requirements and budget. Contact us to receive expert advice or a no-obligation quote today.

For more information on trending insurance-related topics, check out our 2019-2020 State of Health Insurance Report.

Corporate quote CTA

Senior Content Creator at Pacific Prime Dubai
Jantra Jacobs is a Senior Content Creator at Pacific Prime with over 10 years of writing and editing experience. She writes and edits a diverse variety of online and offline copy, including sales and marketing materials ranging from articles and advertising copy to reports, guides, RFPs, and more.

Jantra curates and reports on the results of Pacific Prime’s monthly newsletters, as well as manages Pacific Prime’s Deputy Global CEO’s LinkedIn posts. Complemented by her background in business writing, Jantra’s passion for health, insurance, and employee benefits helps her create engaging content - no matter how complex the subject is.

Growing up as a third-culture kid has given her a multicultural perspective that helps her relate to expats and their families while 8 years of working remotely have given her unique insight into hybrid work arrangements and enthusiasm for employee benefits.
Jantra Jacobs