Updates & Highlights

As part of the weekly awareness campaign of the “Cyber Pulse” initiative, the Cyber Security Council emphasized the importance of digital identity, noting that it is one of the most valuable assets owned by individuals and organizations. The Council highlighted that nearly 97% of cyberattacks target passwords, while around 40% of social media users worldwide have either been compromised or have unintentionally shared personal data. It further warned that the consequences of a digital identity breach extend beyond data loss to include identity theft, fraud, financial losses, and negative impacts on personal and professional reputation. During the first half of the year, indicators also showed a significant increase of 32% in cyberattacks targeting digital identities, amid the growing reliance on digital services and smart applications. To strengthen protection, users are advised not to share sensitive personal information, to use strong and complex passwords, and to enable multi-factor authentication. These steps constitute the first line of defense against growing threats.

As part of the weekly awareness campaign of the “Cyber Pulse” initiative, the Cyber Security Council noted that cyber threats have become increasingly complex and widespread, driven by the growing reliance on the internet in various aspects of daily life. More than 750,000 browsing sessions are recorded daily, reflecting the vast scale of digital activity. Each browsing session represents an opportunity for targeting users through malware or fraudulent webpages, especially given the reliance on the internet for financial transactions, government services, and social communication. The Council affirmed that browser security technologies serve as a technical shield that protects users while browsing. These technologies include encryption, isolation, and preventive policies designed to prevent breaches, data leakage, and unauthorized tracking. Key guidelines to enhance browsing security include verifying links before clicking, regularly updating browsers, and avoiding downloads from untrusted sources.

As part of the weekly awareness campaign of the “Cyber Pulse” initiative, the Cyber Security Council stressed the importance of regular inspection and cleaning of electronic devices such as mobile phones and personal tablets, noting that these practices can reduce cyber incidents by up to 30%. The Council explained that the accumulation of unnecessary files and data makes it easier for malicious software to infiltrate devices, thereby increasing cyber risks and exposing users to potential data loss or privacy breaches. Key signs that a device may require cleaning include slow performance, unusual messages or recurring errors, full storage capacity, and the presence of unknown or unused applications. Therefore, it is important to adopt a simple digital cleaning routine that can significantly enhance device security. This routine includes using trusted security software, deleting unnecessary files and applications, and regularly updating operating systems and software to address vulnerabilities and enhance performance.

The Cyber Security Council has endorsed the “du Tech National Hypercloud” as the UAE’s first sovereign cloud ecosystem, reinforcing its alignment with the national security standards for data residency and protection. The platform strengthens trust with government entities and organizations across critical sectors, bringing together du Tech's local expertise, Oracle's world-class hyperscale technology, and the UAE government's commitment to digital sovereignty. The endorsement comes at a critical juncture as organizations across healthcare, finance, government, and critical infrastructure sectors increasingly seek cloud solutions that can deliver enterprise-grade capabilities without compromising on security or regulatory compliance. The platform's architecture ensures complete data residency while maintaining high performance, scalability, and innovation capabilities.

As part of the weekly awareness campaign of the “Cyber Pulse” initiative, the Cyber Security Council emphasized the importance of sharing files online in a secure manner, highlighting that approximately 25% of publicly accessible files contain sensitive personal data. Between 68% and 77% of privately shared files are accessible to individuals beyond the intended recipients, highlighting that cloud storage does not equate to automatic protection. The Council outlined a set of measures to protect files shared online, such as using strong passwords and changing them regularly, enabling two-factor authentication for accounts, avoiding public links when sharing sensitive files, regularly reviewing privacy settings and access permissions, deleting files or links that no longer need to be shared, securing Wi-Fi networks, and keeping devices and software updated. These measures, along with regularly reviewing application permissions, deleting old and unused accounts, encrypting email communications, activating VPNs when connecting to Wi-Fi networks, and backing up personal and corporate data, strengthen protection against evolving cyber threats and promote safer digital practices.

As part of the weekly awareness campaign of the “Cyber Pulse” initiative, the Cyber Security Council warned against the dangers associated with email fraud, noting that more than 75% of cyber attacks begin with a phishing email or a deceptive message. It highlighted that such messages may contain malicious software, aim to steal login credentials, or serve as a prelude to identity theft. 3.4 billion phishing emails are sent daily to obtain personal and financial data, as well as sensitive or critical information, which is later used to build cyberattacks or extortion schemes. Key indicators of fraudulent emails include requests for advance payments, pressure to take immediate action, requests for personal data without a clear purpose, offers that are too good to be true, unfamiliar login links, and numerous spelling and grammatical errors. The Council emphasized the importance of enabling multi-factor authentication, regularly installing automatic updates, and immediately reporting suspicious emails without interacting with them.

As part of the weekly awareness campaign of the “Cyber Pulse” initiative, the Cyber Security Council warned about the cyber risks associated with remote work, noting a nearly 40% increase in remote work–related cyber incidents in recent years. 92% of experts believe remote work models significantly increase the likelihood of security breaches, particularly as attackers exploit vulnerabilities in inadequately secured home networks and personal devices. 38% of such attacks target home routers, VPNs, and other remote access tools, which may allow attackers to intercept communications, steal login credentials, redirect employees to fraudulent websites, and access sensitive work-related data. These breaches can expose trade secrets and personal information, subjecting companies to lawsuits, heavy fines, and a significant loss of trust. The Council emphasized the importance of installing reliable antivirus software, regularly updating internet security programs, using secure VPN connections, and relying only on company-approved software and tools.

As part of the weekly awareness campaign of the “Cyber Pulse” initiative, the Cyber Security Council highlighted the growing cyber risks associated with mobile application permissions, warning that excessive or unjustified access may enable fraudsters to spy on users, steal personal data, and design targeted scam operations. The Council noted that approximately 62% of applications request unnecessary permissions, while around 65% of users fail to review them after installation, increasing exposure to privacy violations and digital threats. Key risks discussed included continuous location tracking, unauthorized access to microphones and cameras, and the exploitation of contact lists for phishing and extortion. The Council also emphasized that simple measures such as reviewing permissions, limiting access, and downloading applications from trusted sources can serve as a first line of defense. The initiative supports national efforts to strengthen digital awareness, promote responsible cyber behavior, and build a secure and resilient digital ecosystem in the UAE.

As part of the weekly awareness campaign of the “Cyber Pulse” initiative, launched by the Cyber Security Council, the Council warned about the risks posed by fake applications, which may serve as gateways for data and personal information theft, as well as fraud and cyber extortion. The campaign emphasized that avoiding the download of such applications and verifying sources can help users minimize risks and limit fraudsters’ access to user data. The Council explained that the risks posed by fake applications are not limited to data theft. They may also be used to lure victims and subsequently blackmail them after obtaining sensitive information, images, or financial data, exploiting the trust of users who download these applications without sufficient verification. Statistics indicate that, in 2025, approximately 73% of institutions were exposed to forms of cyber fraud through fake applications and other malicious digital tools, while more than 200 fake applications were identified and downloaded over 40 million times via the Google Play Store. The Cyber Security Council also confirmed that distinguishing between a legitimate and a fake application is possible through a set of measures often overlooked by users.

As part of the weekly awareness campaign of the ‘Cyber Pulse’ initiative launched by the Cyber Security Council, the Council highlighted the critical importance of cloud storage in addressing the growing digital and cyber threats. In its weekly awareness message, the campaign highlighted that cloud storage enables individuals and users to reduce risks, limit fraudsters’ access to user data, and safeguard personal information. The Council also pointed out several common cloud storage mistakes that individuals must avoid to protect their personal and financial data in cyberspace. The weekly awareness campaign noted that the most prominent of these mistakes include granting excessive identity and access management permissions, failing to enable multi-factor authentication, overreliance on public cloud storage that may expose sensitive data and facilitate the spread of malware, misconfigured security settings that leave critical systems vulnerable, absence of encryption (both at rest and in transit), and downloading applications without verifying their source or security standards. These mistakes expose many users to significant risks that directly threaten their digital security.

The Cyber Security Council established a strategic partnership with the Safe AI Cup 2026 to promote the ethical and secure use of artificial intelligence. Through this partnership, the Council sponsored and hosted the Safe AI Cup 2026, helping students across the UAE engage confidently with the digital era and deepen their understanding of AI technologies. As part of this effort, the Council also supported the students’ understanding of the role of artificial intelligence in their daily lives and in shaping the present and future through the CyberE71 program, contributing to the UAE’s long-term vision for a secure, sustainable, and resilient digital future. The Safe AI Cup 2026 is part of the ‘Safe AI for Society’ initiative, organized by the Emirates Safer Internet Society (eSafe), the Robotics and Automation Society (RAS), and the Global Innovation and Entrepreneurship (GIE), and hosted by the University of Dubai.

As part of the weekly awareness campaign of the ‘Cyber Pulse’ initiative launched by the Cyber Security Council, the Council warned in its weekly awareness message against publishing and sharing important or personal data and information across various social media platforms. The Council stressed that posting sensitive information on different social networking sites may expose individuals to various types of fraudulent attacks, as such data can be exploited to design targeted and customized scams. It also confirmed that around 40% of users have experienced privacy violations as a result of sharing excessive personal details about their lives, families, and other private matters on social media. Under the theme titled ‘The Risk of over sharing,’ the awareness campaign highlighted that even the simplest details, which may appear insignificant to individuals and are shared publicly, can be exploited in fraudulent schemes. The Cyber Security Council advised users to adopt a set of measures to safeguard privacy and protect data and information in cyberspace.

Mastercard signed an MoU with the Cyber Security Council to strengthen trust in the country’s digital ecosystem and advance cybersecurity resilience through the adoption of global best practices and forward-looking cybersecurity policies. Announced on the sidelines of the World Governments Summit (WGS) 2026 in Dubai, the collaboration also marked the launch of the UAE Cyber Threat Insights Report, which maps the country’s cybersecurity landscape and highlights the increasingly complex ecosystem of threat actors targeting organizations and critical sectors. This partnership will also enable Mastercard to apply its extensive expertise in combating cybercrime and fraud, reinforcing the UAE’s position as a global hub for cybersecurity and digital trust.

As part of the weekly awareness campaign of the ‘Cyber Pulse’ initiative, launched by the Cyber Security Council, the Council called for the adoption of secure and safe electronic donation methods ahead of Ramadan. Secure payment methods reduce fraudulent activities by 25% and protect individuals and entities from theft, electronic fraud, and identity theft. The weekly awareness message warned against unsecured electronic payment mechanisms, fake advertisements, fake refund schemes, and messages imitating the logos of banks or trusted financial entities. It also urged the use of encryption, dual or multi-factor authentication, data tokenization, and fraud prevention systems, alongside regularly reviewing privacy settings and updating software and operating systems.

Under the patronage of the Cyber Security Council, the OT Security First Forum was held on 4 February 2026 at Rosewood Abu Dhabi, bringing together senior government leaders, regulators, Chief Information Security Officers (CISOs), and industry pioneers to strengthen the UAE’s critical infrastructure defense across energy and utilities. The forum addressed the convergence of Information Technology (IT) and Operational Technology (OT), with discussions focused on Industrial Control Systems (ICS), SCADA, Industrial Internet of Things (IIoT), OT risk management, AI-powered threat detection and response, supply chain security, regulatory readiness, and cross-sector collaboration to advance cyber resilience.