A staggering 94 per cent of organisations in the UAE have suffered materially damaging cyberattacks, a recent study has revealed.

Cohesity's latest global study, titled Risk Ready or Risk Exposed: The Cyber Resilience Divide, underscores a harsh reality: compliance alone is no longer enough to safeguard continuity when disruption strikes.

The study reveals that 59 per cent of UAE organisations experienced a major cyberattack in the past year, and the consequences were severe. Ninety-six percent reported revenue loss, while 69 per cent lost customers - a clear sign that every minute of downtime carries both human and economic costs.“Downtime is not just an IT issue; it is a trust issue,” says Johnny Karam, Managing Director and Vice President for International Emerging Regions at Cohesity.“When banking platforms freeze or hospitals cannot access patient data, it affects lives and erodes confidence in institutions.”

Compliance vs. resilience

The UAE has built one of the world's strongest data protection frameworks, from its Personal Data Protection Law to national AI ethics guidelines. Two-thirds of organisations say they are fully aligned with these regulations. Yet, as Karam points out,“Compliance is only half the equation. The next frontier is resilience - proving you can recover fast, maintain trust, and continue operating when everything is on the line.”

This gap between compliance and resilience is widening as GenAI adoption accelerates faster than risk readiness. Cohesity's study shows that 91 per cent of UAE business leaders admit AI innovation is outpacing their ability to manage new risks, while only 44 per cent express confidence in their resilience strategies. Globally, just 6 per cent of organisations have reached full resilience maturity.

As cyber threats grow more sophisticated, prevention alone is no longer sufficient.“Recovery speed has become the new benchmark for resilience,” Karam explains.“It's about restoring operations swiftly, maintaining data integrity, and protecting customer trust.” Cohesity advocates embedding resilience into every layer of operations - automating recovery, securing data with Zero Trust principles, and integrating AI with guardrails.

Gregg Petersen, Cohesity's Regional Director for the Middle East, adds:“A genuinely mature cyber resiliency stance today is not just about faster restoration. It's about ensuring data integrity, protecting reputation, and preserving customer confidence.” He warns that without robust recovery strategies, organisations risk turning innovation into exposure.

Resilience as a competitive advantage

The study concludes that resilience is emerging as a strategic differentiator for leadership confidence and financial health. Organisations that automate recovery and unify data protection will not only reduce downtime but also strengthen stakeholder trust and long-term growth.“In a world defined by AI disruption and constant change, the organisations that recover fast will be the ones that endure,” says Karam.

Cohesity is working with public and private sector entities across the Middle East through its AI-powered Data Cloud, helping them transform resilience into a measurable business advantage - ensuring that when disruption strikes, recovery is fast, secure, and complete.

MENAFN19112025000049011007ID1110369231