Justifying the need for a data security management plan for the UAE

Purpose – As the United Arab Emirates (UAE) organizations are embarking onto the intensive technology world where the exchange of information is increasingly taking place through electronic means and data are stored electronically, this paper attempts to investigate the need to develop a UAE data security strategy and a detailed framework that can ensure the safety of data and can also cope with all types of disasters expected in the country. The paper also reviews and analyses the types of hazards in the UAE. Design/methodology/approach – In order to obtain a global view on how organizations in the UAE are managing the security of their electronic information, a questionnaire has been designed and distributed with the aim of obtaining a clear understanding of their data security procedures, practices, and policies. Findings – The research has shown that organizations from the outset should have a set-plan, which has to be periodically analyzed, reviewed, and modified to keep abreast of the technological advancements and risks in order to protect electronic data. Originality/value – An extensive review of the literature has shown that no comprehensive research work has investigated data security management in the UAE. This makes the current study of particular importance in contributing to knowledge but also original in the context of the UAE where very little work has been undertaken on the subject.