NEWS
Sophos report finds nearly half of companies in the UAE opt to pay the ransom
Chester Wisniewski, Director, Field CISO, Sophos
Globally, in 71 % of cases where the companies paid less, they did so through negotiation – either through their own negotiations or with help from a third party.
In fact, while the median global ransom demand dropped by a third between 2024 and 2025, the median global ransom payment dropped by 50 %, illustrating how companies are becoming more successful at minimising the impact of ransomware.
Sophos, a global leader of innovative security solutions for defeating cyberattacks, has released its sixth annual State of Ransomware report, a vendoragnostic survey of IT and cybersecurity leaders across 17 countries that studies the impact of ransomware attacks on businesses. This year’ s survey found that nearly 50 % of companies globally paid the ransom to get their data back – the second highest rate of ransom payment for ransom demands in six years.
While 43 % of organisations in the UAE that had data encrypted paid the ransom, 30 % of them paid less than the original demand.
Overall, the median ransom payment in the UAE was US $ 1.33 million, although the initial demand varied significantly depending on organisation size and revenue.
Across the globe, the median ransom demand for companies with over US $ 1 billion in revenue was US $ 5 million while organisations with US $ 250 million revenue or less saw median ransom demands of less than US $ 350,000.
New DFSA report explores regulatory insights into cybersecurity, AI and quantum risks
The Dubai Financial Services Authority
( DFSA), the independent regulator of the Dubai International Financial Centre( DIFC), has published its latest report, Cyber and Artificial Intelligence Risk in Financial Services: Strengthening Oversight Through International Dialogue. The report provides timely insights into the evolving digital risk landscape and explores how emerging technologies such as AI and quantum computing are reshaping regulatory priorities.
The publication follows the DFSA’ s inaugural Cyber and AI Risk Regulatory College, held in May 2025, which brought together 70 senior representatives from 18 financial authorities across the Middle East, North America, Europe, Africa and Asia. The college served as a platform for international dialogue on the increasing complexity and interconnection of cyberrisks, AI adoption and the long-term implications of Quantum Computing.
Justin Baldacchino, Managing Director, Supervision, DFSA
Justin Baldacchino, Managing Director, Supervision, DFSA, said:“ Digital risks are no longer peripheral – they are fast becoming systemic. This report reflects a growing supervisory consensus on where these risks are converging and how regulatory approaches are evolving. At the DFSA, we were proud to host our first Cyber and AI Risk Regulatory College and we look forward to continuing meaningful dialogue with our regional and international peers in support of a secure, resilient and trusted global financial system.”
The report explores supervisory perspectives on three interconnected areas: cybersecurity threat landscape, Quantum Computing and AI emerging risks.
It draws on global insights and expert discussions on how financial regulators can respond to emerging risks without compromising innovation.
www. intelligentcio. com INTELLIGENTCIO MIDDLE EAST 11