Seeking economic cyber security: a Middle Eastern example

Purpose - The transformation of the United Arab Emirates (UAE) into an important global economic player has been accompanied by digitalization that has also left it at a risk to cybercrime. Concurrent with the rise in technology use, the UAE fast became one of the most targeted countries in the world. The purpose of this paper is to discuss how the UAE has tried to cope with accelerating levels of cyber threat using legislative and regulatory efforts as well as public- and private-sector initiatives meant to raise cybersecurity awareness. Design/methodology/approach - The paper surveys the UAE’s cybersecurity legislative, regulatory and educational initiatives from 2003 to 2019. Findings - Because the human factor still remains the number one reason for security breaches, robust cyber laws alone are not enough to protect against cyber threats. Building public awareness and educating internet users about cyber risks and safety have become essential components of the UAE's efforts in building a more secure cyber environment for the country. Research limitations/implications - The paper relies on English-language translations of primary sources (laws) originally in Arabic, as well as English-language studies from local media. This should not be considered a problem, as English is established as the language of business and commerce in the UAE. Practical implications - The paper provides a detailed overview of the country’s cybersecurity environment to guide and aide practitioners with risk assessment and legal and regulatory compliance. Originality/value - The paper presents a comprehensive overview of the UAE’s cybersecurity legislative, regulatory and educational environment. It also surveys government and private sector initiatives directed in protecting the country’s cyberspace.