Is the UAE’s Digital Strategy 2025 enough to combat cyber risks?

The frantic and glitzy cyberworld has a frightening underbelly. Anyone doubting the threat lurking in digital interaction and transactions should look at these local numbers. The UAE’s public sector admittedly faces around 50,000 cyberattack efforts daily. The country averted over 71 million attempted cyberattacks in the first three quarters of last year, and 87 per cent of companies in the UAE have faced different forms of cyber incidents, 25 per cent caused by deliberate malicious behaviour by employees.

While that samples the threat, it is not about one country or another. All countries are equally vulnerable, even though affluence and connectivity could make some countries more attractive to attackers than others. As the UAE positions itself as a global hub for business and innovation, it is understandably spearheading digital transformation that brings its own set of challenges, particularly in cybersecurity. Unfortunately, the swift pace of digital adoption also piques the interest of increasingly sophisticated cybercriminals, highlighting vulnerabilities within the system.

Governed by the ambitious UAE Digital Government Strategy 2025, the nation is laying down a vision for an inclusive, digital-first future. This strategy incorporates 64 digital initiatives spread across six pillars, promising to redefine public services through the Unified Digital Platform and aim for smart, resilient cities, such as under the Smart Dubai 2021 Strategy. However, a strategy only suffices once all the stakeholders commit to combat the challenge.

The rapid expansion of technologies such as cloud computing, operational technology, and artificial intelligence broadens the attack surface, offering cyber criminals more opportunities to exploit. As the nation integrates these advanced technologies, it faces the complexities of integration and data security concerns, requiring a robust digital governance framework that is both inclusive and resilient. As a global hub, the UAE also has to manage the risks associated with cross-border data flows, including compliance with international data protection regulations.

The UAE’s strategy commits to inclusivity, ensuring that digital government initiatives leave no one behind. This includes adopting open processes and focusing on accessibility for all groups, especially the elderly, people with disabilities, women, and children. Under the resilience dimension, the UAE aims to leverage emerging technologies to anticipate and proactively respond to crises. This involves creating more robust government operations and educating the public and businesses about cybersecurity risks and best practices.

The strategy also promotes cross-sectoral collaboration and sets national digital priorities. It requires deep integration of digital technologies at all government levels. With a focus on user-driven services, the UAE strategy emphasizes the importance of designing digital services around people’s needs, enhancing engagement and convenience. Digital transformation is mandated across all policy processes, with ongoing experimentation to align with rapid technological advancements.

The data-driven dimension recognises the value of data in enhancing public services. However, managing this data securely and ethically is paramount to prevent breaches and ensure public trust. The strategy’s emphasis on proactiveness, facilitated by technologies like the UAE National Digital ID, aims to streamline interactions with government services. This reduces bureaucratic hurdles and necessitates advanced security measures to safeguard against identity theft and unauthorised access.

The overarching objectives of the UAE digital strategy include providing world-class digital infrastructure and integrated services designed to meet user needs. The commitment to raising digital skills and ensuring legislative readiness for digital transformation is crucial. However, achieving these objectives requires a comprehensive cybersecurity framework that keeps pace with digital advancements to mitigate risks effectively.

While the UAE’s Digital Strategy 2025 lays a robust foundation for a digital future, it also requires a parallel enhancement in cybersecurity measures. Addressing the shortage of skilled cybersecurity professionals and advancing the current digital infrastructure to defend against and withstand sophisticated cyberattacks are imperative. Only then can the UAE hope to secure its digital transformation ambitions against the ever-evolving landscape of cyber threats.

The strategy aims to transform the country into a world leader in digital economy, innovation, and government services. However, like any ambitious digital transformation strategy, it faces challenges, particularly regarding cybersecurity. The strategy will need to evolve to address the growing cybersecurity needs to ensure that the digital advancements it promotes do not become vulnerabilities. Establishing and continuously updating a comprehensive cybersecurity framework that defines standards, practices, and responses to cyber threats goes a long way in achieving this objective.

The UAE’s strategy must continue to develop robust cybersecurity frameworks to protect against increasing cyber threats. This includes technological solutions and regulatory and legal frameworks that can adapt to new types of cyber threats, which evolve rapidly, and strategies need to be dynamic to respond effectively. The UAE’s proactive stance in regularly updating its cybersecurity strategies and collaborating internationally is vital to mitigating these risks alongside ongoing vigilance and improvement.

Ehtesham Shahid is an Indian editor and researcher based in the UAE. X: @e2sham.

• Opinion
• UAE