Dubai –Cohesity, a leader in AI-powered data security and resilience, today released the findings of a new study examining employee preparedness in the face of cyber threats. The research shows that the UAE workforce is ahead of its EMEA peers across several indicators of cyber-readiness, underscoring the country’s progress toward its national vision for digital resilience and AI-enabled defence.
Conducted among full-time office workers in the UAE, United Kingdom, France, and Germany, the study assessed how confident employees feel in identifying and responding to cyberattacks. Among the standout results, 86 percent of UAE employees expressed confidence in recognising a cyber threat—compared to 81 percent in the UK, 80 percent in Germany, and just 62 percent in France. Nearly nine in ten (89%) UAE respondents also said they trust their organisation’s ability to prevent and recover from attacks.
- 86% of UAE employees feel confident in identifying cyberattacks, but reporting gaps still exist.
- Employees are willing to act – but fear of blame and unclear protocols still hold them back.
- With national cybersecurity investment gaining traction, organisations must now empower their people to complete the defense chain.
Beyond awareness, the study reveals encouraging signs of action-oriented behaviour. Two-thirds of UAE employees say they would report suspicious activity to their cybersecurity team, showing an apt response, in comparison to respondents from the UK (61%), Germany (53%), and France (48%). Amongst other UAE employees, over half would notify their IT department. This instinct to act is supported by ongoing education: 66 percent have received some form of cybersecurity training in the past year.
Cyber threats have become more advanced and relentless, turning data into both a critical asset and a primary target. Organisations now face mounting pressure to secure their digital ecosystems, navigate complex regulatory landscapes, and ensure business continuity. Cohesity addresses these challenges through a platform that unifies data security, simplifies recovery, and fosters a culture of resilience. Speaking to tahawultech.com, Mark Molyneux, CTO, EMEA, and Johnny Karam, Managing Director and Vice President, International Emerging Region at Cohesity, share how enterprises can strengthen their cyber posture by combining cutting-edge technology with empowered, security-conscious teams.
Interview Excerpts:
Q: Why is data security so critical for organisations today, regardless of size?
Mark Molyneux:
Data is vital to any organisation, and threat actors target it for its value. Even partial access or corruption can cause catastrophic damage. Modern attacks are sophisticated; once inside, bad actors map systems and target backups to prevent recovery, leaving organisations with two choices: pay a ransom or face ruin. Cohesity helps organisations understand their data landscape, as most don’t classify their vast amounts of information. This leaves them vulnerable to theft or deletion without knowing what’s lost. Cohesity focuses on threat detection, anomaly hunting, and clean recovery, shifting from mere backup to cyber resilience. They provide tools to track access, report to regulators, and ensure quick, secure recovery.
Q: With your background in financial services and IT, how are top-tier organisations in EMEA adapting their hybrid cloud strategies in response to increasing cyber threats and regulatory pressures?
Mark Molyneux:
Regulatory pressure is intensifying globally, with regulations like Europe’s DORA and existing UK mandates. The UAE has proactively responded by developing a cybersecurity framework, fostering innovation, and prioritizing education, leading to high ransomware awareness (86% vs. France’s 61%). Despite this, a fear of reporting incidents persists, increasing risk. Cohesity aids organisations in measuring and improving their cyber maturity with a five-step model, emphasising readiness for inevitable cyberattacks by providing recovery and rapid online restoration.
Q: How does Cohesity’s next-gen data security and management platform address the challenges large enterprises face in managing data across multi-cloud environments? And how does centralising data reduce cost?
Mark Molyneux:
Our platform, designed over a decade ago, automatically classifies and indexes data upon arrival. This ensures precise data knowledge, retention, and location within your records strategy. This also brings significant cost efficiencies by eliminating unnecessary data storage, reducing hardware investment, optimising cloud usage, and aligning with sustainability goals. We integrate AI and natural language processing for smart, contextual queries. For instance, our RAG AI accurately finds vendor contracts from specific timeframes, referencing data origin for full traceability, surpassing standard generative AI models.
Q: What recurring challenges are shaping Cohesity’s product development and innovation roadmap?
Mark Molyneux:
Our current focus is on integrating Veritas, which was acquired in December. We’re unifying Veritas’s technology with Cohesity’s capabilities, evolving both NetBackup and DataProtect under one management pane. Mohit Aron’s intelligent file system will support both environments. Gaia, our AI product, will extract insights from data across both portfolios, aligning with our mission to protect, secure, and derive insight from data.
Q: When large enterprises consolidate data into a centralised platform across geographies, how do you ensure zero trust? Especially in today’s hybrid work environments, how can organisations be sure their data is secure and access is tightly controlled?
Johnny Karam:
It’s a great and very relevant question. Our platform is built with zero trust at its core. As enterprises move data from various clouds and data centres into one secure platform, we ensure multiple layers of protection:
- Encryption – All data is encrypted at rest and in transit.
- Multi-Factor Authentication – It’s not enough to just have a username and password; access requires multi-factor authentication.
- Multi-Person Authorisation – For high-sensitivity data, one person alone cannot delete or alter it. You can configure the system to require two or more authorised users to approve critical actions.
- Immutability and Air Gapping – We store a secure, remote copy of the data (WORM – Write Once, Read Many) that cannot be altered, even in the event of a breach.
These controls are just part of our embedded security framework. Additional advanced features are also included but go beyond the scope of today’s conversation. Security is not an add-on for us—it’s built into the DNA of the platform. That’s why customers trust us.
Q: What practical steps should organisations in the region take to close the gaps in internal reporting and foster a culture of psychological safety around cyber incident disclosures?
Johnny Karam:
While UAE organisations have improved cyber awareness—86% of employees recognise threats—a gap remains in reporting. Our research shows 46% hesitate to report due to fear of blame. To bridge this, organisations must cultivate a psychologically safe environment where reporting is encouraged, even for false alarms. Simplifying protocols and using simulations will help reinforce that reporting is always the correct action. At Cohesity, we believe cyber resilience relies on empowered people and a culture where employees confidently exercise their reporting responsibility.
Q: The study indicates that 46% of UAE employees hesitate to report threats due to fear of blame or confusion. How can Cohesity’s approach to data security and resilience support enterprises in transforming this mindset into a strength, particularly in high-pressure threat scenarios?
Johnny Karam:
Fear-based hesitation undermines security. Cohesity approaches cyber resilience holistically, integrating secure technology with empowered human behavior. Our platform aids rapid detection, response, and recovery, reducing employee stress. Critically, we partner with leadership to foster a culture of shared responsibility through cyber maturity frameworks, assessing technology, people, and processes. When employees trust their actions, have clarity, and confidence, they become a vital defense. Normalising reporting, clarifying escalation paths, and removing ambiguity replaces hesitation with decisive, informed action.
Q: With the UAE’s strategic focus on AI and national cyber frameworks, how is Cohesity aligning its roadmap in emerging regions to support not just technological readiness but also employee empowerment as a critical part of cyber resilience?
Johnny Karam:
The UAE is rapidly advancing in AI and cybersecurity, a vision Cohesity aligns with. Our roadmap for the region focuses on delivering AI-powered technology for resilience and empowering users. We’ve integrated AI into our platform for automated threat detection and faster response, viewing AI as a tool to amplify human decision-making. We invest in secure, intuitive solutions that support all employees, not just IT. Employee empowerment is crucial for cyber resilience; we aim for every user to operate with clarity and contribute to security. The UAE offers a significant opportunity to shape a global model for workforce-driven resilience.