UAE targets long-term cyber resilience in face of hacking threat

The comprehensive approach to cyber security used in the UAE and Singapore is needed to achieve long-term resilience with threats evolving in size and scope as new technology emerges, according to a new report from the World Economic Forum . New technology and devices are giving cyber criminals “an increased attack surface” which is only widening, the Switzerland-based body said in a new white paper released on Wednesday. Building a sustainable system of security with ethical foundations and threat measures is key, it found. “The UAE has much more holistic analysis of technology. They don't just build it for one single use,” said Dr Hoda Alkhzaimi, co-chairwoman of the WEF's Global Future Council for Cyber Security. This is in contrast to global dominant approach of seeking the “huge economic value of a first movers advantage”, Dr Alkhzaimi, one of the lead authors of the report, told The National. The goal of most countries is to invest in research and development to tap into the technology first, and compel others to be users and mass distributors, as opposed to developers. “They tend to sacrifice governance, security and reliability structures,” said Dr Alkhzaimi, especially as emerging advanced technologies such as large language models introduce new problems such as the ability to hallucinate. “That can bring a level of error into the market.” The WEF report looks beyond profitability to measure cyber resilience, factoring in actions that build opportunity and long-term value from emerging technologies, she added. “You have to have the responsible behaviour of establishing a risk framework around every technology that you are bringing to market – the effects, the impact, the threats, the vulnerabilities – before we bring them to the market,” she said. “Technology needs to be robust and trusted, and this is what we want – versus the commercial approach.” Entry points for potential cyber-attacks are growing at an “unprecedented” rate, and that will only continue with the number of Internet of Things devices expected to surpass 32 billion by 2030, the WEF report said. That is double the 15.9 billion devices of 2023 and could be near 40 billion by 2033, data from Transforma Insights and Exploding Topics shows. The global community is investing and implementing this emerging technology as it is critical for economic sovereignty and governance, said Dr Al Khzaimi. "Over 100 critical and emerging technologies are being developed at the moment to capture global economic competitive and monopolistic advantages globally by different players," she added. Emerging technologies such as AI, quantum computing, IoT, blockchain and biotechnology are rapidly transforming industries and redefining societal norms, the WEF report said. The accompanying significant increase in cyber security risks requires a “fundamental shift in approach to technology development and deployment”, with the traditional mindset of security by design now insufficient. “Instead, there is a pressing need to adopt a 'resilience by design' approach, which goes beyond mere protection to ensure that systems can withstand and recover from the inevitable attacks that will occur as these technologies continue to evolve and proliferate,” the report said. The UAE’s regulatory frameworks, promoting collaboration and investing in research and development, “provides an interesting case study of a nation working to anticipate and adapt to technological changes before they reach their crescendo”, the study said. By balancing technological advances with ethical considerations and robust security measures, the Arab world's second-largest economy “aims to maintain its leadership in technological innovation and ensure a secure and competitive tech ecosystem”. Singapore, meanwhile, continues to work on adopting a comprehensive multi-stakeholder strategy designed to enhance cyber security resilience through research, innovation and supply-chain risk management, the WEF said. South-East Asia's third-biggest economy continues to refine this approach by “focusing on promoting innovation, developing cybersecurity talent and enhancing supply chain risk management”, it added. This reflects a defensive approach, which focuses more on building cyber resilience from within and attracting the talent to do so, Oyku Isik, a professor of digital strategy and cybersecurity at the Lausanne-based IMD Business School for Management, told The National. The UAE and Singapore “have the advantage of being a small country, [but] they have been already digital from the very early days. They've been investing in this … they have also been super proactive in creating a sustainable ecosystem and paying attention to bringing in talent and with upskilling programmes”, said Ms Isik, a contributor to the WEF report. Last month, the UAE was named as a global leader for its efforts to bolster cyber security measures, securing the highest tier-one rating – for countries viewed as role models in the sector – in the International Telecommunication Union's Global Cybersecurity Index 2024. The world's two largest economies take a more outward approach: they tend to focus more on attacking potential threats before they could even infiltrate their systems – “hacking the hackers before they hack you”, Ms Isik said. This method has resulted in two key dynamics: economic impact and a cautious approach when it comes to China. The US's focus on offensive security has resulted in the private sector bearing the brunt, as most cyber gangs focus on private corporations, risking a potential significant impact on the economy, Ms Isik said, citing research resources. China, which has been accused of being a national security threat through the devices manufactured in the country – allegations it has consistently denied – has prompted other countries to take precautionary measures.

UAE targets long-term cyber resilience in face of hacking threat

Entry points for potential attacks growing quickly, creating need for more proactive measures for emerging technology, WEF study reports