Cohesity: UAE Workforce Ahead Of Its EMEA Peers In Cyber Confidence And Readiness

Cohesity has released the findings of a new study examining employee preparedness in the face of cyber threats. The research shows that the UAE workforce is ahead of its EMEA peers across several indicators of cyber-readiness, underscoring the country's progress toward its national vision for digital resilience and AI-enabled defence.
Conducted among full-time office workers in the UAE, United Kingdom, France, and Germany, the study assessed how confident employees feel in identifying and responding to cyberattacks. Among the standout results, 86 percent of UAE employees expressed confidence in recognising a cyber threat—compared to 81 percent in the UK, 80 percent in Germany, and just 62 percent in France. Nearly nine in ten (89%) UAE respondents also said they trust their organisation's ability to prevent and recover from attacks.
Beyond awareness, the study reveals encouraging signs of action-oriented behaviour. Two-thirds of UAE employees say they would report suspicious activity to their cybersecurity team, showing an apt response, in comparison to respondents from the UK (61%), Germany (53%), and France (48%). Amongst other UAE employees, over half would notify their IT department. This instinct to act is supported by ongoing education: 66 percent have received some form of cybersecurity training in the past year.
However, the research also highlights areas where further progress is needed. A small but notable group of employees say they would either attempt to resolve a threat on their own (15%) or turn to personal contacts first (19%), indicating a gap in internal reporting clarity, and a potentially risk to the entire organisation that mis-understanding of how important it is that reporting through the correct processes is critical to the quickest resolution of any potential risk of cyber attack . Among those hesitant to report incidents correctly, the leading reasons include fear of blame or confusion (46%), a belief that it isn't their responsibility (27%), and worry about overreacting (14%).
Johnny Karam, Managing Director and Vice President, International Emerging Region at Cohesity, commented: 'The findings reflect the UAE's clear leadership in cybersecurity readiness across the EMEA region. With initiatives driven by the UAE Cybersecurity Council and a strong national focus on AI and digital transformation, it's no surprise that employee awareness is rising in step with enterprise investment.'
'What stands out is not just awareness, but the willingness to act. The next step is closing the gap—equipping employees with the tools, clarity, and – perhaps most importantly – confidence to respond without hesitation. If we educate all employees of the serious risks to the organisation of not correctly reporting any potential cyber risks they see, encouraging a mentality that they will not get in trouble for doing so, and highlighting their individual capability to maximise the speed of response all UAE organisations can be more resilient. At Cohesity, we believe true cyber resilience is built on both technology and a culture of empowered people,' Johnny continued.
Workforce Preparedness in Step with UAE's Cyber Vision
The UAE's continued investment in cybersecurity infrastructure, most recently through advanced threat detection systems activated under the direction of the UAE Cybersecurity Council, demonstrates a firm national commitment to securing the digital landscape. The study shows that employees are already aligning with this vision: Two-thirds of the respondents have undergone cybersecurity training, with 39 percent participating in multiple sessions in the past year.
Over half (51%) would report a suspicious incident to IT, while 67% would notify a cybersecurity team, demonstrating a willingness to escalate issues through formal channels.
77 percent are familiar with the term 'ransomware', showing widespread awareness of key threat types.
Awareness of cyber threats is on the rise in the UAE, with 77% of employees familiar with the term 'ransomware'. This strong baseline offers an ideal foundation to build upon. By expanding education beyond surface-level awareness to include real-world examples and practical training, companies can empower their teams with the confidence and clarity needed to respond effectively.
Bridging the Gap Between Awareness and Action
While confidence in reporting and escalating potential ransomware threats within the organisation is high, the study reveals opportunities to further strengthen internal reporting behaviour. Around 15% say they would attempt to resolve a threat themselves, and 19% would first alert their personal contacts, These responses highlight a proactive mindset, which organisations can harness by further strengthening internal reporting protocols and promoting awareness of the appropriate escalation paths. Among the smaller group of employees who expressed hesitation in reporting a potential incident, the most common reasons included: UAE employees showed a strong sense of fear of blame or not understanding the issue (46%), while EMEA employees had a more neutral perspective (UK – 26%, Germany – 20%, and France – 15%).
27 percent of the UAE respondents believed it wasn't their responsibility, showing a much bigger gap to appreciating their role in their organisations cyber safety as compared to their EMEA counterparts (UK -10%, Germany – 12%, and France 19%).
14 percent UAE employees feared overreacting, in-tune with 18 percent of German respondents 15 percent from the UK and 11 percent of French respondents showing similar sentiment.
These insights present a valuable opportunity to reinforce a culture of psychological safety, where reporting is easy, supported, and encouraged. By removing the fear of repercussions and clearly defining roles, organisations can build employee confidence and ensure every individual knows how to respond swiftly and correctly.
The UAE Advantage: A Workforce Ready to Respond
With the UAE government actively advancing national cybersecurity capabilities and frameworks, the country is uniquely positioned to lead by example. Employees are ready and willing: confidence is high, training is widespread, and the instinct to act is evident. To fully unlock this potential, organisations must ensure that every employee, from the frontline to the C-suite, knows their role in safeguarding the business.
Mark Molyneux, CTO, EMEA at Cohesity, added: 'These findings confirm what we're seeing across the region: employees are increasingly aware of cyber risks and are willing to step up, which is largely due to the UAE Cyber Security Council's approach to increasing security awareness across the Emirates. But this awareness must be matched with action. The future of cybersecurity will be defined by how quickly organisations can enable secure, informed decisions at every level. That means embedding cyber resilience into daily operations, investing in smart automation, closing the gap between detection and response, and instilling a culture that supports employees in raising concerns early in a safe space. In fast-moving threat environments, AI-powered data security is not a luxury, it's an operational necessity.'
Methodology
The research was carried out by OnePoll between 28 May – 2 June 2025. The survey captured responses from 500 full-time office workers in the UAE to understand employee beliefs, behaviours, and preparedness about ransomware and other cyber threats.
OnePoll is a certified member of the Market Research Society (MRS), adheres to its Code of Conduct, and complies with ESOMAR 37 guidelines for online research. The organisation is also a member of the British Polling Council and Cyber Essentials Plus certified for meeting rigorous cybersecurity standards.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Zawya

24 minutes ago

• Zawya

UAE employees outperform European peers in cyber readiness: Cohesity study

A new study on 'Employee readiness to confront Cyber threats' has revealed that the UAE workforce surpasses its European peers across several key cyber readiness indicators. This progress highlights the UAE's significant strides toward achieving its national vision for digital resilience and AI-powered cyber defence. The study reflects the active efforts and sustained investments by the UAE government to strengthen its national cybersecurity capabilities, including developing regulatory frameworks and infrastructure. Among the notable milestones is the implementation of advanced threat detection systems, under the supervision of the UAE Cyber Security Council, positioning the country as a regional model in cyber preparedness. Conducted by Cohesity, a leading AI-powered data security firm, the study assessed full-time employees in the UAE, the United Kingdom, France, and Germany. It evaluated their confidence in detecting and responding to cyberattacks. The results showed that 86% of UAE employees expressed confidence in their ability to identify cyber threats, higher than the UK (81%), Germany (80%), and France (62%). Furthermore, nearly 89% of UAE respondents said they trust their organisations' ability to prevent and recover from cyberattacks. Encouraging behavioural indicators also emerged, with two-thirds of UAE employees stating they would report suspicious activity to their organisation's cybersecurity team. This compares to 61% in the UK, 53% in Germany, and 48% in France. Over half of the UAE respondents also said they would notify their IT department directly. This proactive approach is attributed to continuous awareness and training programmes, with 66% of UAE employees reporting they had received some form of cybersecurity training within the past year. Johnny Karam, Managing Director and Vice President, International Emerging Region at Cohesity, commented, 'The findings reflect the UAE's clear leadership in cybersecurity readiness across the Europe, the Middle East and Africa (EMEA) region. With initiatives driven by the UAE Cybersecurity Council and a strong national focus on AI and digital transformation, it's no surprise that employee awareness is rising in step with enterprise investment.' Mark Molyneux, CTO, EMEA at Cohesity, added, 'These findings confirm what we're seeing across the region: employees are increasingly aware of cyber risks and are willing to step up, which is largely due to the UAE Cyber Security Council's approach to increasing security awareness across the UAE." 'In fast-moving threat environments, AI-powered data security is not a luxury, it's an operational necessity,' he said.

Zawya

6 hours ago

• Zawya

Parkin's IPO recognised as Best Privatisation in EMEA

Parkin Company PJSC ('Parkin' or 'the Company'), the largest provider of paid public parking facilities and services in Dubai, has been awarded Best Privatisation in EMEA, at the 2025 EMEA Finance Achievement Awards in London. The annual awards ceremony recognises standout transactions and institutions shaping capital markets across Europe, the Middle East and Africa. The award celebrates Parkin's successful evolution from a government department into a high-performing and profitable listed infrastructure business. The carve-out process and subsequent public-to-private transition in March 2024 resulted in record oversubscription levels achieved on the Dubai Financial Market, with interest from high-quality local, regional and international investors generating AED 259 billion in total demand (US$71 billion), implying an oversubscription level of 165x. The recognition by EMEA Finance magazine reinforces Parkin's position as the benchmark for successful privatisation in the region, reflecting Dubai's leadership in developing investable and future-ready infrastructure platforms. The Best Privatisation in EMEA award follows last month's Best MENA IPO accolade from Euromoney, further enhancing Parkin's growing reputation for excellence in the transportation industry. Eng. Mohamed Abdulla Al Ali, CEO of Parkin, commented: 'Winning Best Privatisation in EMEA is a proud moment for both Parkin and Dubai. From the outset, our goal was to deliver a privatisation that set a new regional benchmark in transaction structure, investor interest and long-term value creation. The response to our IPO was extraordinary and what we have achieved since listing reflects the strength of our capex-light, cash-generative business model, our post-privatisation strategy and the ambitions of our team. This award is a testament not only to our success but also to Dubai's leadership in shaping innovative, world-class mobility infrastructure, demonstrating its ability to attract global investors through visionary privatisation initiatives.' About Parkin Company PJSC With a unique blend of operational excellence, technological know-how and enforcement capability spanning almost three decades, Parkin Company PJSC is the largest provider of paid public parking facilities and services in the Emirate of Dubai, with a portfolio of approximately 206k paid parking spaces, as at year end 2024. Parkin has a dominant position in relation to Dubai's on and off-street paid public parking market and a leading share of the overall paid parking market. Under a 49-year Concession Agreement with Dubai's Roads and Transport Authority (RTA), Parkin has the exclusive right to operate a portfolio of public on and off-street parking (c.184k spaces) as well as public multi-storey car parking facilities (c.3k spaces). Parkin also operates certain developer-owned parking facilities through partnership agreements across the Emirate (c.19k spaces) and provides barrierless, ticketless on behalf of Majid Al Futtaim across two malls. Additional revenue streams include enforcement, the issuance of seasonal permits, parking reservations and other commercial activities. By deploying state of the art digital payment solutions and intelligent parking management systems that utilise artificial intelligence and big data analysis, Parkin's customers successfully conducted 132m parking transactions in 2024. Dubai's parking operations were established in 1995 under the Dubai Municipality, before becoming part of the RTA in 2005. In December 2023, Parkin Company PJSC was established through the issuance of Law No. 30 of 2023, successfully completing its initial public offering (IPO) on the Dubai Financial Market in March 2024.

Tahawul Tech

6 hours ago

• Tahawul Tech

UAE employees outpace EMEA peers in cyber confidence, readiness: Cohesity

Dubai –Cohesity, a leader in AI-powered data security and resilience, today released the findings of a new study examining employee preparedness in the face of cyber threats. The research shows that the UAE workforce is ahead of its EMEA peers across several indicators of cyber-readiness, underscoring the country's progress toward its national vision for digital resilience and AI-enabled defence. Conducted among full-time office workers in the UAE, United Kingdom, France, and Germany, the study assessed how confident employees feel in identifying and responding to cyberattacks. Among the standout results, 86 percent of UAE employees expressed confidence in recognising a cyber threat—compared to 81 percent in the UK, 80 percent in Germany, and just 62 percent in France. Nearly nine in ten (89%) UAE respondents also said they trust their organisation's ability to prevent and recover from attacks. 86% of UAE employees feel confident in identifying cyberattacks, but reporting gaps still exist. Employees are willing to act – but fear of blame and unclear protocols still hold them back. With national cybersecurity investment gaining traction, organisations must now empower their people to complete the defense chain. Beyond awareness, the study reveals encouraging signs of action-oriented behaviour. Two-thirds of UAE employees say they would report suspicious activity to their cybersecurity team, showing an apt response, in comparison to respondents from the UK (61%), Germany (53%), and France (48%). Amongst other UAE employees, over half would notify their IT department. This instinct to act is supported by ongoing education: 66 percent have received some form of cybersecurity training in the past year. Cyber threats have become more advanced and relentless, turning data into both a critical asset and a primary target. Organisations now face mounting pressure to secure their digital ecosystems, navigate complex regulatory landscapes, and ensure business continuity. Cohesity addresses these challenges through a platform that unifies data security, simplifies recovery, and fosters a culture of resilience. Speaking to Mark Molyneux, CTO, EMEA, and Johnny Karam, Managing Director and Vice President, International Emerging Region at Cohesity, share how enterprises can strengthen their cyber posture by combining cutting-edge technology with empowered, security-conscious teams. Interview Excerpts: Q: Why is data security so critical for organisations today, regardless of size? Mark Molyneux: Data is vital to any organisation, and threat actors target it for its value. Even partial access or corruption can cause catastrophic damage. Modern attacks are sophisticated; once inside, bad actors map systems and target backups to prevent recovery, leaving organisations with two choices: pay a ransom or face ruin. Cohesity helps organisations understand their data landscape, as most don't classify their vast amounts of information. This leaves them vulnerable to theft or deletion without knowing what's lost. Cohesity focuses on threat detection, anomaly hunting, and clean recovery, shifting from mere backup to cyber resilience. They provide tools to track access, report to regulators, and ensure quick, secure recovery. Q: With your background in financial services and IT, how are top-tier organisations in EMEA adapting their hybrid cloud strategies in response to increasing cyber threats and regulatory pressures? Mark Molyneux: Regulatory pressure is intensifying globally, with regulations like Europe's DORA and existing UK mandates. The UAE has proactively responded by developing a cybersecurity framework, fostering innovation, and prioritizing education, leading to high ransomware awareness (86% vs. France's 61%). Despite this, a fear of reporting incidents persists, increasing risk. Cohesity aids organisations in measuring and improving their cyber maturity with a five-step model, emphasising readiness for inevitable cyberattacks by providing recovery and rapid online restoration. Q: How does Cohesity's next-gen data security and management platform address the challenges large enterprises face in managing data across multi-cloud environments? And how does centralising data reduce cost? Mark Molyneux: Our platform, designed over a decade ago, automatically classifies and indexes data upon arrival. This ensures precise data knowledge, retention, and location within your records strategy. This also brings significant cost efficiencies by eliminating unnecessary data storage, reducing hardware investment, optimising cloud usage, and aligning with sustainability goals. We integrate AI and natural language processing for smart, contextual queries. For instance, our RAG AI accurately finds vendor contracts from specific timeframes, referencing data origin for full traceability, surpassing standard generative AI models. Q: What recurring challenges are shaping Cohesity's product development and innovation roadmap? Mark Molyneux: Our current focus is on integrating Veritas, which was acquired in December. We're unifying Veritas's technology with Cohesity's capabilities, evolving both NetBackup and DataProtect under one management pane. Mohit Aron's intelligent file system will support both environments. Gaia, our AI product, will extract insights from data across both portfolios, aligning with our mission to protect, secure, and derive insight from data. Q: When large enterprises consolidate data into a centralised platform across geographies, how do you ensure zero trust? Especially in today's hybrid work environments, how can organisations be sure their data is secure and access is tightly controlled? Johnny Karam: It's a great and very relevant question. Our platform is built with zero trust at its core. As enterprises move data from various clouds and data centres into one secure platform, we ensure multiple layers of protection: Encryption – All data is encrypted at rest and in transit. Multi-Factor Authentication – It's not enough to just have a username and password; access requires multi-factor authentication. Multi-Person Authorisation – For high-sensitivity data, one person alone cannot delete or alter it. You can configure the system to require two or more authorised users to approve critical actions. Immutability and Air Gapping – We store a secure, remote copy of the data (WORM – Write Once, Read Many) that cannot be altered, even in the event of a breach. These controls are just part of our embedded security framework. Additional advanced features are also included but go beyond the scope of today's conversation. Security is not an add-on for us—it's built into the DNA of the platform. That's why customers trust us. Q: What practical steps should organisations in the region take to close the gaps in internal reporting and foster a culture of psychological safety around cyber incident disclosures? Johnny Karam: While UAE organisations have improved cyber awareness—86% of employees recognise threats—a gap remains in reporting. Our research shows 46% hesitate to report due to fear of blame. To bridge this, organisations must cultivate a psychologically safe environment where reporting is encouraged, even for false alarms. Simplifying protocols and using simulations will help reinforce that reporting is always the correct action. At Cohesity, we believe cyber resilience relies on empowered people and a culture where employees confidently exercise their reporting responsibility. Q: The study indicates that 46% of UAE employees hesitate to report threats due to fear of blame or confusion. How can Cohesity's approach to data security and resilience support enterprises in transforming this mindset into a strength, particularly in high-pressure threat scenarios? Johnny Karam: Fear-based hesitation undermines security. Cohesity approaches cyber resilience holistically, integrating secure technology with empowered human behavior. Our platform aids rapid detection, response, and recovery, reducing employee stress. Critically, we partner with leadership to foster a culture of shared responsibility through cyber maturity frameworks, assessing technology, people, and processes. When employees trust their actions, have clarity, and confidence, they become a vital defense. Normalising reporting, clarifying escalation paths, and removing ambiguity replaces hesitation with decisive, informed action. Q: With the UAE's strategic focus on AI and national cyber frameworks, how is Cohesity aligning its roadmap in emerging regions to support not just technological readiness but also employee empowerment as a critical part of cyber resilience? Johnny Karam: The UAE is rapidly advancing in AI and cybersecurity, a vision Cohesity aligns with. Our roadmap for the region focuses on delivering AI-powered technology for resilience and empowering users. We've integrated AI into our platform for automated threat detection and faster response, viewing AI as a tool to amplify human decision-making. We invest in secure, intuitive solutions that support all employees, not just IT. Employee empowerment is crucial for cyber resilience; we aim for every user to operate with clarity and contribute to security. The UAE offers a significant opportunity to shape a global model for workforce-driven resilience.