Technology

Help AG, the cybersecurity arm of e&, has released its State of the Market Report 2026, identifying sovereignty, operational resilience, and artificial intelligence (AI) as the defining forces shaping cybersecurity strategies across the UAE and Saudi Arabia.

The sixth edition of the annual report draws on intelligence gathered from Help AG's Security Operations Centres (SOCs) in Dubai and Riyadh, as well as insights from cybersecurity experts, technology partners, and organisations across the Gulf region.

According to the report, the cybersecurity landscape has entered a new phase where organisations must adapt to machine-speed attacks, AI-driven threats, and increasingly complex digital infrastructure environments.

Cyberattacks Intensify Across the Region

The report highlights a significant escalation in both the volume and sophistication of cyberattacks targeting organisations across the GCC.

Between 2019 and 2025, distributed denial-of-service (DDoS) attacks increased by approximately 857 per cent, with more than 371,000 attacks recorded in 2025 alone.

Researchers also observed a major shift in attack duration and persistence. The longest recorded DDoS campaign continued for more than 85 consecutive days, indicating a transition from short-term disruption tactics to sustained operational pressure.

Attack execution speed has also accelerated dramatically. During the first quarter of 2026, Help AG recorded a 65 per cent increase in attack completion speed, with several major incidents reaching operational impact in less than 40 hours.

During periods of heightened geopolitical tension in Q1 2026, cyberattack attempts targeting the UAE surged from approximately 200,000 attacks per day to between 500,000 and 700,000 attempts daily, according to figures referenced from the UAE Cybersecurity Council.

The report concludes that cyber threats are no longer isolated incidents but continuous and adaptive risks influenced by both technological and geopolitical developments.

Artificial Intelligence Reshapes the Cybersecurity Battlefield

Artificial intelligence has emerged as one of the most influential factors transforming modern cybersecurity operations.

On the offensive side, threat actors are increasingly leveraging AI to:

1. Automate reconnaissance activities
2. Scale phishing campaigns
3. Accelerate exploitation processes
4. Improve credential theft operations
5. Increase attack precision and speed

At the same time, organisations are adopting AI-powered security capabilities to strengthen cyber defence.

Help AG reported that its Security Operations Centres now utilise more than 145 automated security scenarios, helping reduce response times by over 50 per cent. The company also noted that zero-day threat protections can now be operationalised within approximately 45 minutes of identification.

The report highlights the growing importance of "defensive learning", a model that continuously transforms incident intelligence into improved security performance, helping organisations address persistent cybersecurity skills shortages while enhancing operational effectiveness.

Sovereign Cloud Infrastructure Becomes a Strategic Priority

One of the report's most significant findings is the growing importance of cyber sovereignty across the GCC.

Historically viewed primarily through compliance and data residency requirements, sovereignty is now becoming a critical component of broader operational resilience strategies.

The report identifies increasing investment in:

1. Sovereign cloud infrastructure
2. Locally governed digital environments
3. National cybersecurity capabilities
4. Infrastructure visibility and control
5. AI governance frameworks

According to Help AG, organisations across the UAE and Saudi Arabia are increasingly integrating cybersecurity considerations into long-term infrastructure planning, business continuity strategies, and national digital transformation programmes.

As digital government initiatives continue to expand, cybersecurity is evolving into a foundational layer supporting public-sector services, critical infrastructure protection, and citizen data security.

UAE Digital Ambitions Depend on Trusted Cybersecurity Foundations

Commenting on the findings, Abdulla Ebrahim Al Ahmed, Chief Government & VVIP Relations Officer at e& UAE, said the country's digital future depends on maintaining trust, resilience, and national capability.

He noted that as artificial intelligence becomes more deeply embedded across government services and sovereign digital ecosystems, cybersecurity must evolve at the same pace.

According to Al Ahmed, organisations require security frameworks that are continuously adaptive, locally aligned, and capable of protecting critical infrastructure and citizen data in increasingly AI-driven environments.

Post-Quantum Security Enters Strategic Planning Discussions

Beyond immediate cyber threats, the report identifies post-quantum security as an emerging long-term priority.

As quantum computing capabilities continue to advance, existing cryptographic standards that secure:

1. Financial systems
2. Identity platforms
3. Cloud infrastructure
4. Digital communications

may eventually become vulnerable.

The report suggests that organisations building sovereign digital ecosystems with multi-decade lifespans are beginning to incorporate post-quantum readiness into infrastructure planning and cybersecurity strategies.

Industry experts increasingly view post-quantum security as a future cornerstone of digital trust across the region.

Five Major Cybersecurity Shifts Shaping the GCC

Help AG identified five structural shifts expected to define cybersecurity strategies across the GCC in 2026 and beyond:

1. From Fragmented Security Tools to Integrated Resilience Architectures

Organisations are moving away from isolated security solutions towards unified platforms that support enterprise-wide resilience.

2. From Reactive Security to AI-Driven Operations

Continuous monitoring, automation, and AI-powered decision-making are replacing traditional reactive defence models.

3. From Compliance to Measurable Resilience

Security programmes are increasingly evaluated based on operational outcomes rather than regulatory compliance alone.

4. From Talent-Dependent Models to Automation and Institutional Learning

Automation and knowledge-driven security operations are helping organisations address talent shortages while improving performance.

5. From National Frameworks to GCC-Wide Cyber Resilience

Regional cooperation and resilience alignment are becoming increasingly important as cyber risks transcend national borders.

Sustainable Cybersecurity Becomes the New Operating Model

The report concludes that cybersecurity strategies across the GCC are evolving towards what Help AG describes as "Sustainable Cybersecurity" — an always-on, adaptive security framework capable of operating continuously under pressure and responding at machine speed.

According to Dr Aleksandar Valjarevic, Acting Chief Executive Officer of Help AG, organisations must focus on building adaptive, measurable, and locally aligned cybersecurity capabilities rather than simply deploying additional security tools.

He noted that AI and sovereignty are already reshaping how digital infrastructure is designed, secured, and governed across the region, making operational resilience a critical business and national priority.

As cyber threats continue to evolve in scale, speed, and sophistication, experts believe organisations that successfully integrate AI, sovereign infrastructure strategies, and resilience-focused security architectures will be best positioned to navigate the next phase of digital transformation.

• Tags
• #Business
• #Magazine
• #Lifestyle