Cyber risks are now considered to be a critical business risk, requiring organizations to demonstrate clear oversight, processes and procedures to prevent, detect and respond to cyberthreats.
A recent industry report found that the average cost of a data breach for businesses in the Middle East reached SAR 32.80 million in 2024, a nearly 10% increase from the recorded SAR 29.90 million in 2023.
According to recent cyberthreats reports, the UAE is facing a growing cybersecurity challenge. Notably, Infoblox’s 2023 Global State of Cybersecurity Report found that UAE respondents are most concerned about data leakage (48%), cloud attacks (40%) and attacks through networked IoT (29%).
Three Factors Causing Higher Breach Costs
In particular, the top three factors that amplified breach costs for local businesses were security skills shortages, non-compliance with regulations and security system complexity.
When analyzing the costs for local organizations, it was identified that a shortage of security skills contributes to the average increase in data breach costs by SAR 1.62 million. Aiming to mitigate talent shortages as well as demonstrate a readiness to embrace innovative solutions, 95% of UAE-based organizations plan to leverage AI technologies to fill at least 10% of vacant cybersecurity roles.
Another factor identified was non-compliance with regulations, which added an average of SAR 1.25 million to the cost of data breaches for businesses. Additionally, the complexity of security systems contributed an average of SAR 975,000 to these costs.
Costly Breaches
In 2024, business losses resulting from breaches in the Middle East, including operational downtime and reputation damage, averaged SAR 12.84 million per breach, up from SAR 10.02 million in 2023. Apart from that, post-breach customer response costs rose to SAR 9.01 million. Detection and escalation costs were recorded at SAR 8.42 million while notification costs amounted to SAR 2.53 million.
The energy sector faced the highest breach costs at SAR 36.90 million, followed by the financial industry at SAR 35.81 million, and the industrial sector at SAR 34.52 million.
In fact, the next major cyber threat is anticipated to target neither computers nor credit cards but rather vehicles, which is why legislation concerning automotive cybersecurity and data privacy is evolving.
How did this happen? Mostly through stolen or compromised credentials, which led to an average cost of SAR 33.6 million per breach. Social engineering breaches also averaged SAR 36.05 million while zero-day vulnerabilities, phishing, compromised business email, and cloud misconfiguration also incurred significant costs.
Leveraging Security AI and Automation
Despite the cyber risks of technology, it could also be utilized to mitigate gravitating impact. Organizations in the Middle East that widely implemented security AI and automation saw lower data breach costs, averaging SAR 26.54 million, compared to those without these technologies (incurring an estimated SAR 38.85 million in data breach costs).
These tools also shortened the data breach lifecycle, with AI-driven organizations identifying breaches in 198 days and containing them in 57 days on average. In contrast, organizations without these technologies took 294 days to identify and 78 days to contain breaches.
A survey of 1,500 IT and security leaders globally revealed that nearly half of the respondents from regions including the Americas, China, Europe, the Asia Pacific, Japan, and the Middle East and Africa are ready to adopt machine learning (ML) and analytics.
Read More:
Cybersecurity and Cloud Computing: Overcoming Risks to Usher In a Revolution
The Metaverse and Data Protection: How Companies Can Proceed Smartly
MECA Telecom Stakeholders Discuss ICT Policy and Cybersecurity Standards at MWC24
