Many UAE companies remain “critically vulnerable” to cyber-attacks and also face the added threat of falling foul of the General Data Protection Regulation (GDPR) which took effect this year, according to insurance firm AIG.
Since May this year, local companies which do business in Europe (or have dealings with European nationals) are required to comply with GDPR, which mandates organisations to report any kind of breach to the authorities within 72 hours of being aware of it.
But many companies in the country fail to “maintain basic cyber-hygiene practices”, and if their cyber-security is not compliant, they could face significant fines, according to Alexander Blom, head of Broker and Client Management at AIG MEA.
AIG said it has received more than 150 cyber insurance queries in the UAE in the past two years.
But while market awareness of cyber threats is improving, the company said it “frequently comes across businesses with poor governance and controls in…