Cyber Insurance Adoption Rising in the UAE as Threat Landscape Intensifies
Cyber Insurance Adoption Rising in the UAE as Threat Landscape Intensifies
Dubai, 17 March 2026 – As cyber threats continue to escalate across the United Arab Emirates, organizations are increasingly turning to cyber insurance to mitigate the financial impact of cyberattacks. However, new research suggests that many organizations still lack comprehensive coverage, highlighting a growing gap between cyber risk exposure and financial protection.
According to the UAE Cybersecurity Survey 2025/26 conducted by cybersecurity company Horizon3.ai, 39% of organizations in the UAE report having comprehensive cyber insurance coverage in place. A further 19% say their policies cover only certain cyber risks, while 24% of organizations currently have no cyber insurance but are considering it. Meanwhile, 18% report having no cyber insurance and no plans to obtain it, or declined to answer, suggesting that many businesses may still underestimate the financial impact of cybercrime.
This gap is particularly striking given the scale of recent incidents. Amongst the 66% of respondents who reported experiencing a cyberattack within the past 24 months, 41% said they received a ransom demand, alongside other serious consequences including data theft, operational downtime, legal repercussions and damage to business operations.
The findings come at a time when the cyber threat landscape in the UAE is intensifying. The UAE Cyber Security Council has disclosed that the country faces more than 200,000 cyberattacks every day¹, many of them targeting strategic sectors and critical infrastructure. According to the Council, these attacks originate from multiple countries and are designed to disrupt key systems, steal sensitive data and undermine national security.
Growing Cyber Risk Drives Demand for Insurance
Cyber insurance is rapidly emerging as a key component of enterprise risk management in the UAE. Analysts estimate the country’s cyber insurance market is currently worth around USD 83 million, with strong growth expected in the coming years. As cyber threats intensify, regulations tighten and digital transformation accelerates, the market is projected to reach approximately USD 350 million by 2034².
Regulatory developments are also pushing organizations to strengthen their cybersecurity posture. Federal Decree-Law No. 34 of 2021 on Combating Rumours and Cybercrimes, alongside broader data protection frameworks, requires organizations to implement robust cybersecurity measures and comply with obligations related to cyber incident reporting.
Bridging the Gap Between Cyber Risk and Financial Protection
Cybersecurity expert Tamer Odeh, Middle East and Africa Regional Lead at Horizon3.ai argues that organizations and insurers alike still face a major challenge: accurately assessing real cyber risk. “Cyber insurance is becoming an increasingly important component of enterprise risk management,” he said. “But both organizations and insurers need better visibility into which weaknesses can actually be exploited in their IT environments.”
Horizon3.ai advocates an offensive security approach, with which organizations can proactively test their own on-premises and cloud environments using autonomous penetration testing. Their NodeZero Offensive Security Platform enables organizations to continuously test their environments from an attacker perspective, moving them from assumed risk to proof of exploitable security weaknesses, then to fix and verify issues are resolved.
From Compliance to Proof
As cyber threats become more automated and increasingly powered by artificial intelligence, insurers are expected to place greater emphasis on demonstrable cyber resilience. “Organizations able to show clear visibility into their cyber risk exposure and prove the effectiveness of their security controls may ultimately be better positioned to secure more competitive cyber-insurance premiums and stronger policy coverage,” said Tamer Odeh.
“Continuous testing is key for organizations to gain clear insight into what attack paths could affect their business and what their impact could be,” he continued. The offensive security approach helps align security teams, system administrators and business leadership around a shared, evidence-based understanding of risk. As the UAE continues to invest heavily in digital infrastructure and national cybersecurity initiatives, strengthening both cyber resilience and financial risk protection will become increasingly important for organizations operating in the region.
² https://www.imarcgroup.com/uae-cyber-insurance-market
About the Cybersecurity Survey 2025/26 (methodology)
The Horizon3.ai Cybersecurity Survey 2025/26 captured responses from 150 organizations across multiple sectors via an online questionnaire.
About Horizon3.ai.
Horizon3.ai’s NodeZero® Platform is trusted by 40% of the Fortune 10, the world’s largest banks, top global pharmaceutical and semiconductor manufacturers, critical infrastructure operators around the globe, and the US Defense Industrial Base to proactively find, fix, and verify exploitable vulnerabilities to continuously fortify cyber defenses and improve cyber resilience. The fastest-growing cybersecurity company in America (Inc. 5000, Deloitte Fast 500), Horizon3.ai was founded by a mix of US Special Operations veterans and industry experts and is headquartered in San Francisco.
Follow Horizon3.ai on LinkedIn and X.
Trademark notice: NodeZero is a trademark of Horizon3.ai
Further information: Press contact: Stephen Gates - press@horizon3.ai, Web: www.horizon3.ai
PR Agency: euromarcom public relations GmbH, Web: www.euromarcom.de, Email: team@euromarcom.com
- - - -