DUBAI/UAE: Gallagher, a leading global insurance brokerage and risk consultancy, today issued guidance for businesses across the Middle East as the region faces a surge in sophisticated cyber threats driven by geopolitical tensions and the rapid weaponisation of artificial intelligence.

The scale of the threat is stark. Prior to the outbreak of the current regional conflict, UAE authorities were intercepting between 90,000 and 200,000 cyberattacks per day. That figure has since surged to between 600,000 and 800,000 daily attempts according to reports an average increase of approximately 3.5 times the majority of which are attributed to state-backed actors, according to Dr. Mohamed Al Kuwaiti, Head of Cybersecurity for the UAE Government.

Iran-linked groups are deploying AI tools including large language models for reconnaissance, phishing, malware development, and deepfake-driven information warfare. The Abu Dhabi Emergency, Crisis and Disaster Management Centre has identified phishing, account breaches, AI-enabled deepfakes, and identity theft as the most prevalent threats during periods of emergency.

As well as increasing sharply in volume, attacks are qualitatively more sophisticated and harder to detect - a dangerous combination that leaves underprepared organisations significantly exposed.

Jamie Gee, Director of Financial Lines for Gallagher in the Middle East & Africa, said: "The Middle East is navigating one of the most complex cyber threat environments we have seen. State-sponsored actors, geopolitical pressure, and AI-enhanced attack tools have raised the stakes for regional businesses significantly.

The near tripling of daily attack volumes since the conflict escalated reflects a structural shift in the threat landscape that businesses cannot afford to ignore. Organisations without robust incident response planning and cyber insurance are dangerously exposed. The question is no longer if an incident will occur, but whether you will be ready to respond."

He advises five priority actions for regional businesses:

  1. Test incident response plans

Run tabletop exercises and scenario simulations. Verify a 24/7/365 incident response protocol is in place, with key personnel and specialist vendors identified before an incident strikes.

  1. Heighten monitoring and employee awareness

Implement real-time monitoring and logging to detect threats promptly. With human error a primary cause of incidents, regular awareness training and phishing simulations are essential — particularly given the sophistication of AI-generated attacks.

  1. Strengthen access security

Enforce multi-factor authentication (MFA) across remote access, email and cloud services. Patch systems regularly and maintain encrypted, offline data backups to limit ransomware exposure.

  1. Scrutinise your supply chain

Review third-party exposures and over-dependencies on single providers. Evaluate the cyber maturity of critical SaaS, cloud and OT suppliers, and embed minimum security requirements contractually.

  1. Transfer the risk

If cyber insurance is not in place, explore transferring financial risk to the market. If already procured, confirm your incident hotline and claims protocol. Notify your broker immediately if an incident occurs.

For further press information, please contact:
Emma Procter +971 58 114 1041, Rostrum
Emma Banks Emma_banks@ajg.com, +44 7894 158605

About Gallagher

Gallagher is the brand name of Arthur J. Gallagher & Co. (NYSE: AJG) — the global insurance broker, risk management services and consulting firm headquartered in Rolling Meadows, Illinois.

Gallagher offers client service capabilities in more than 130 countries around the world through a network of correspondent brokers and consultants. 

For further information, please visit www.ajg.com/uk