Empirical research on the resilience of smart tourist destinations (STDs) to cybersecurity threats is scarce. The current research aims to address this gap by exploring cybersecurity risks within STDs and their resilience to withstand cyber threats. Employing a qualitative approach, we conducted 15 semi-structured interviews with cybersecurity experts and stakeholders in Dubai's tourism and hospitality sector. Through the lens of Complex Adaptive Systems (CAS) theory, the results uncovered a range of cyber risks challenging STDs, necessitating diverse countermeasures. We found that the characteristics of STDs e.g. interconnectivity, decentralization and adaptability contribute to cybersecurity resilience. Key resilient components identified include data encryption and backup, robust incident response plans, access control, network segmentation, and awareness initiatives. In addition, collaboration and partnerships were also recognized as fundamental in reinforcing STDs' resilience to cyber risks. Furthermore, the study underlined challenges and strategies pertaining to system integrity and identity in combating cyber threats within STDs.