Cyber Security
UAE Organisations Showing Greater Concern Over Threat of Cyberattacks

Eighty-four percent of organisations in the UAE are bracing for the fallout from an email-borne attack in the year ahead amid a growing volume of threats. According to the latest Mimecast State of Email Security 2022 report, more than two-thirds of companies in the UAE reported an increased number of email-based threats.
“Companies in the UAE showed greater concern about various email security challenges than most other countries we surveyed,” says Werno Gevers, regional manager at Mimecast Middle East. “Fifty-six percent are concerned about an increase in the volume of attacks, 48% worry about security-naive employees, and more than half (52%) are concerned over the growing sophistication of attacks. This comes at a time when more than eight out of ten organisations reported increased use of email, making email security a top priority for businesses and their IT and security teams.”
Threats are becoming more targeted
Nearly all UAE organisations that responded to the research have been the target of email-related phishing attempts (94%), but interestingly 30% reported a decrease in the volume of such attacks, with 20% noting the decrease was ‘significant’. “This is possibly due to threat actors moving on to other, more targeted methods,” says Gevers. “Our data also showed that 54% of organisations reported an increase in business email compromise, while half experienced an increase in internal threats or data leaks initiated by malicious insiders. In a positive sign, all respondents from the UAE either have a cyber resilience strategy or are actively planning to put one in place.”
Greater employee awareness improves resilience
A large part of the success of a cyber resilience strategy depends on the conduct of employees. Encouragingly, 46% of UAE companies provide ongoing cyber awareness training, twice the global average of 23%. “Cyber awareness training is one of the most effective ways of strengthening an organisation’s overall cyber resilience and should be a top priority for business leaders,” says Gevers. “Efforts by organisations in the UAE are paying off: only 66% of respondents were concerned about employees oversharing company information on social media, far below the global average of 81%, while more than one in ten believed there was no risk at all to employees using personal email.”
The importance of government mandates
Organisations are also noting the impact of government efforts to build greater cyber resilience to protect citizens and critical infrastructure from cyberattacks. UAE respondents expected high levels of changes in their organisation as a result of government mandates for cyber resilience. “Forty-two percent expect improvements in the overall level of cybersecurity in their business, and more than a third anticipate lower risk of cyberattacks impacting their business,” says Gevers.
Adequate budgets for advanced protection
In general, UAE respondents noted satisfactory budget allocations for cybersecurity, with an average of 17% of IT budgets going toward cyber resilience against a desired 19%. “Investment into strengthening the overall security posture by securing key business applications will likely continue in the year ahead, with 92% of companies saying additional safeguards are needed for Microsoft 365,” says Gevers. “This may partly be because 82% of organisations experienced a Microsoft 365 outage in the past year, with more than a third citing severe impact from an outage.”
Brand protection still needs attention
Low levels of preparedness to deal with email spoofing and domain hijacking remain a concern in among UAE organisations. “Nearly two in five organisations were only somewhat prepared – or not prepared at all – to deal with attacks that spoof their domains or websites, despite respondents experiencing an average of twelve online brand spoofing attacks over the past year,” says Gevers. “Encouragingly, 98% of companies either use or plan to use a brand protection service this year, while 84% plan to make use of DMARC to counter brand spoofing.”
Cloud
SentinelOne Simplifies Secure Cloud Migrations on AWS

SentinelOne today announced its participation in the Amazon Web Services (AWS) Independent Software Vendor (ISV) Workload Migration Program. This initiative supports AWS Partner Network (APN) members with SaaS offerings on AWS to accelerate and streamline workload migrations.
Through the program, SentinelOne will provide AWS customers with accelerated, secure cloud migration support, leveraging modern AI-powered CNAPP capabilities to ensure rapid and protected transitions. With access to AWS funding, technical resources, and go-to-market support, SentinelOne will help organizations reduce migration timelines and costs while maintaining robust security.
SentinelOne’s Singularity Cloud Security delivers real-time visibility and protection throughout the migration journey—whether from on-premises or another cloud—enabling a secure, seamless transition to AWS.
“Through our participation in the AWS ISV Workload Migration Program, SentinelOne is helping customers accelerate secure cloud migrations with end-to-end protection and visibility,” said Ric Smith, President of Product, Technology, and Operations at SentinelOne. “Whether moving from on-prem or another cloud to AWS, organizations can count on us to deliver the security they need throughout their journey—realizing the performance, speed, agility, and cost benefits of the cloud.”
Singularity Cloud Security combines agentless and agent-based protection for deep visibility, continuous posture management, and real-time threat detection across hybrid and multi-cloud environments. By collaborating with AWS and ecosystem partners, SentinelOne ensures seamless integration into migration projects, helping customers move faster, reduce risk, and scale confidently in the cloud.
Availability: SentinelOne’s solutions are available globally.
Cyber Security
Beyond Blocklists: How Behavioural Intent Analysis Can Safeguard Middle East Businesses from Rising AI-Driven Bot Threats

The Middle East is facing an unprecedented surge in AI-driven bot attacks, with malicious automation now outpacing traditional defenses. Mohammad Ismail, Vice President for EMEA at Cequence Security, warns that legacy tools like IP blocklists and rate limiting are no match for today’s sophisticated threats (more…)
Cyber Security
Sophos Boosts Firewall with New Protection and Incident Response Features

Sophos has announced a significant update to its Sophos Firewall software, introducing enhanced protection and incident response capabilities. This update notably includes Sophos NDR Essential, a new feature now available free of charge to all customers holding an XStream Protection license for Sophos Firewall.
This integration empowers Sophos Firewall with two dedicated artificial intelligence (AI) engines specifically designed to detect both malware communications and those utilizing algorithmically generated domain names. This advanced functionality, derived from the Sophos Network Detection and Response (NDR) probe, aims to identify sophisticated malware communications even if they are previously unknown or not yet indexed. It serves as a powerful complement to the Active Threat Response capabilities already embedded within Sophos firewalls.

Chris McCormack, Senior Product Marketing Manager at Sophos
Addressing the technical demands of such advanced detection, Chris McCormack, Senior Product Marketing Manager at Sophos, explained the strategic approach, “NDR traffic analysis requires substantial processing power. That’s why we’ve adopted a new approach by deploying an NDR solution in Sophos Cloud to offload the heaviest tasks from the firewall.” This cloud-centric design ensures optimal performance without burdening the firewall’s on-device resources.
Beyond network detection, the update also brings significant improvements to connectivity and user authentication. Sophos Connect now integrates EntraID for Single Sign-On (SSO). This new feature for the VPN client, bundled with Sophos Firewall, is set to enhance both the security and user experience for SSL and IPsec VPN connections. The integration with EntraID (Azure AD) enables users to authenticate and leverage multi-factor authentication for both Sophos Connect and access to the user portal hosted by the firewall, streamlining secure access.
Further VPN-related enhancements include:
- Improved user interface and usability: Connection types have been renamed for greater clarity, with “site-to-site” now referred to as “policy-based” and tunnel interfaces as “route-based,” making configurations more intuitive.
- Dynamic validation of the IP address pool: For VPN connections (SSL VPN, IPsec, L2TP, and PPTP), the system now dynamically validates the allocated IP address pool, helping to better resolve potential IP address conflicts.
- Strict profile enforcement: IPsec profiles now exclude default values to ensure algorithm synchronization, effectively eliminating potential fragmentation of session negotiation packets that could otherwise prevent site-to-site VPN tunnels from being established.
- Route-based VPN and SD-RED scalability: The system has been optimized to support up to 3,000 simultaneously established tunnels. Specifically, Sophos Firewall solutions can now manage up to 1,000 SD-RED site-to-site tunnels and connect up to 650 concurrent SD-RED devices.
Additional management improvements enhance administrative flexibility and search capabilities:
- More flexible DHCP Prefix Delegation (IPv6 DHCP-PD): The system now supports a broader range of prefixes, from /48 to /64, improving compatibility with various internet service providers.
- Router Advertisement (RA) and DHCPv6 server: These features are now enabled by default, simplifying IPv6 network setup.
- Resizable table columns: The web admin interface continues its adaptation for ultra-wide screens, with many configuration pages now allowing users to resize columns as needed for improved usability.
- Enhanced object search functionality: The search field within the SD-WAN routing configuration screen now supports more granular criteria, including route name, ID, objects, and object values like IP addresses and domains. Similarly, local ACL rules now also support object name and value searches, extending to content-based searches for more precise results.
- Default configuration changes: To streamline initial setups, default firewall rules and rule groups previously created during new firewall deployments have been removed. The initial configuration now only includes the default network rule and MTA rules. Furthermore, the default firewall rule group and the default gateway probe for custom gateways are now set to “None” by default.
Sophos continues its commitment to cybersecurity through a “Secure by Design” approach, enhancing the intrinsic security of its firewalls. This methodology involves the containerization of specific features and rigorous integrity checks on critical operating system files using mathematical checksums. Any detected checksum mismatch triggers a potential compromise alert, enabling monitoring teams to proactively identify possible security incidents affecting the firewall OS integrity. This proactive detection allows incident response and development teams to react swiftly to critical security events.
This update is now available for manual download and deployment by customers with any Sophos Firewall equipped with a valid license.
-
News1 week ago
Reolink Launches Smart Security Solutions in Middle East
-
Cyber Security3 days ago
Beyond Blocklists: How Behavioural Intent Analysis Can Safeguard Middle East Businesses from Rising AI-Driven Bot Threats
-
Channel Talk1 week ago
Dynatrace Names DXC Global Partner of the Year
-
Events1 week ago
Matrix to Exhibit NDAA Compliant Surveillance at ESX North America 2025
-
Cyber Security3 days ago
Honeywell Report Reveals 46% Quarterly Spike in Industrial Ransomware
-
Cyber Security4 days ago
Labubu Doll Craze: How Cybercriminals Are Exploiting the Hype
-
News1 week ago
BlueCat to Show Off Next-Gen Network Operations at Cisco Live
-
Cyber Security3 days ago
Sophos Boosts Firewall with New Protection and Incident Response Features