Artificial intelligence is reshaping the security landscape for companies in the United Arab Emirates, but its adoption has also exposed fresh vulnerabilities. A new survey of 1,600 chief information security officers (CISOs) across 16 countries, including 100 in the UAE, reveals that insider threats and AI governance now dominate the concerns of security leaders.
The findings show a widening gap between innovation and protection, with CISOs under pressure to enable new technologies while guarding against an expanding array of threats. The study underscores the challenges of safeguarding customer trust and meeting rising regulatory expectations in one of the region’s fastest-growing digital economies.
Final Call: Be DPDP Act Ready with FCRF’s Certified Data Protection Officer Program
Insider Threats Drive Data Loss
Departing employees remain a major source of risk. Every UAE-based CISO surveyed reported some form of data leakage linked to insiders, despite widespread investment in prevention technologies. Forty-two per cent acknowledged their data was not adequately secured, while 57% identified employees as their single greatest vulnerability.
The consequences are visible in recent figures: 77% of CISOs in the UAE reported material data loss in the past year, a sharp increase from 45% in 2024. Many admitted to being underprepared for significant breaches, with more than half indicating they would consider paying a ransom to recover systems or prevent sensitive leaks. The findings reflect a climate in which human behaviour continues to undermine technical defences.
Generative AI: Promise and Peril
At the same time, artificial intelligence is forcing a strategic rethink. Sixty per cent of CISOs in the UAE view safe use of generative AI tools as a top priority for the next two years, but 55% remain concerned about potential exposure of customer data on public AI platforms.
The survey indicates a shift in approach: where companies once leaned toward outright bans, most are now introducing governance frameworks. Fifty-nine per cent have implemented usage guidelines, while 58% are exploring AI-powered defences. Yet enthusiasm has cooled, with adoption falling from a peak of 89% last year to more cautious levels today.
Adding to the strain, board-level support appears to be waning. Alignment between CISOs and company directors dropped to 57% in 2025, down from 90% a year earlier. For sectors like financial technology, where digital trust underpins growth, the findings point to the need for stronger governance, clearer AI guardrails, and renewed focus on insider risk.