Companies in the UAE should have a proactive strategy as opposed to a reactive strategy when addressing cyber threats to their businesses, experts said.
“The value of information is appreciated only when it (security) is compromised,” said Ahmad Al Mulla, vice-president of IT at Dubal.
“We have a reactive approach to security and implement solutions only in response to breaches. Such an approach is expensive.”
Speaking at a cyber safety conference, Al Mulla said that it is impossible for companies to prevent highly sophisticated cyber attacks. But having a strategy to prevent such attacks will help mitigate the risk.
Cybercrime has become a growing source of concern in the region with attacks on governments and financial institutions on the rise.
According to Symantec, the UAE will continue to see a rise in cybercrime attacks against individuals and businesses in 2013.
Last year, the Norton Cybercrime Report claimed that 1.5 million people fell victim to cybercrime in the UAE in 2012, costing the country $422 million (Dhs1.5 billion) in direct financial losses.
Around 46 per cent of social networking users in the country witnessed cybercrime on social media networking platforms, higher than the global average of 39 per cent.
Marc Maiffret, chief technology officer at the IT security firm Beyond Trust said that cyber safety has always been an issue but that it has exploded in the last few years.
“Previously hacking was done for fun and it was harmless but now it is a big business,” said Maiffret.
Although there is awareness about the issue in the UAE, companies are not clear about what their next steps should be.
“Business leaders here should realise that security is important to the company. Far too many times, IT and security know what needs to be done but they don’t have the resources and attention from the top management,” said Maiffret.
“Management should take action and make it as much of corporate priority as a marketing campaign or any other strategies.”