Help AG Report Identifies Sovereignty And Operational Resilience As The New Cybersecurity Priorities Shaping The GCC

(MENAFN- Mid-East Info)

State of the Market Report 2026 offers deep insights into the most pressing cyber trends across the UAE and Saudi Arabia Cyberattacks targeting the UAE surged from approximately 200,000 attacks per day to between 500,000 and 700,000 daily attempts during periods of heightened geopolitical tension in Q1 2026 Distributed Denial-of-Service attacks increased by approximately 857% between 2019 and 2025, with the longest recorded campaign persisting for more than 85 days

Dubai, United Arab Emirates, June, 2026: Help AG (the cybersecurity arm of e&) has released its State of the Market Report 2026, marking the sixth edition of its flagship annual analysis of cybersecurity trends across the UAE and Saudi Arabia.

Drawing on intelligence from Help AG's Security Operations Centres in Dubai and Riyadh, as well as insights from cybersecurity specialists, technology partners, and customers across the GCC, the report highlights a decisive shift in how organisations must now understand and operationalise cyber resilience.

At the centre of the findings is a clear conclusion: cybersecurity in the GCC has entered a new operational reality defined by artificial intelligence, sovereign cloud infrastructure priorities, and machine-speed attacks that are compressing traditional response windows beyond legacy security models. The report identifies sovereign cloud infrastructure as an increasingly important component of broader operational resilience strategies across the region, as organizations reassess cybersecurity, infrastructure control and continuity planning in response to evolving geopolitical and cyber risks.

Cyber Threats Are Escalating in Speed, Scale, and Persistence:

Help AG's data shows a sustained and significant rise in attack activity and complexity over the past six years.

Between 2019 and 2025, distributed denial-of-service (DDoS) activity increased by 857%, with more than 371,000 attacks recorded in 2025 alone. Beyond volume, the nature of these campaigns is evolving. The longest observed DDoS attack persisted for more than 85 consecutive days, reflecting a shift from short-term disruption to sustained operational pressure.

In parallel, attack execution speed has accelerated sharply. In Q1 2026, Help AG observed a 65% increase in attack completion speed, with several major compromises reaching operational impact in under 40 hours.

This acceleration is further amplified during periods of geopolitical tension. According to the UAE Cybersecurity Council, cyberattack attempts targeting the UAE surged from approximately 200,000 per day to between 500,000 and 700,000 per day during heightened regional developments in Q1 2026.

Together, these trends signal a fundamental shift: cyber risk is no longer episodic, but continuous, adaptive, and tightly coupled with geopolitical and technological change.

AI Is Transforming Both Attack and Defence:

Artificial intelligence has become a defining force across the cybersecurity landscape, reshaping both adversarial behaviour and defensive operations.

On the threat side, AI is enabling attackers to automate reconnaissance, scale phishing campaigns, accelerate exploitation chains, and refine credential-based attacks with greater speed and precision.

On the defensive side, organisations are increasingly deploying AI across the full security lifecycle - from alert prioritisation and automated investigation to adaptive detection and predictive response. Help AG's SOC environments now operate more than 145 automated security scenarios, with response times reduced by over 50%, and zero-day protections operationalised within approximately 45 minutes of identification.

The report also highlights the emergence of“defensive learning” - the continuous transformation of incident intelligence into improved security performance. This capability is becoming a defining element of modern SOC maturity and a critical response to ongoing cybersecurity talent constraints.

As AI adoption accelerates across enterprise environments, governance is also evolving. The report emphasises that AI governance is shifting from static policy frameworks to continuous operational oversight, addressing risks such as shadow AI and ensuring real-time visibility across dynamic environments.

Sovereignty Becomes a Core Security Design Principle:

Cyber sovereignty is emerging as a structural force shaping how digital infrastructure is built and operated across the GCC.

Once primarily viewed through the lens of compliance and data residency, sovereignty is now becoming one layer within broader operational resilience strategies, influencing cloud architecture, security operations design, AI governance models and infrastructure ownership decisions.

The report identifies a growing shift toward sovereign cloud and locally governed infrastructure models in both the UAE and Saudi Arabia, where cybersecurity is increasingly being embedded into national resilience planning and long-term digital infrastructure strategies.

This evolution is redefining operational expectations. Security architectures must now balance regulatory alignment, operational continuity, resilience requirements and infrastructure visibility across increasingly complex hybrid and sovereign cloud environments.

As the UAE continues to advance its digital government agenda, artificial intelligence and sovereign digital infrastructure are becoming central to how public services are delivered, secured and trusted. The report notes that this shift is redefining cybersecurity as a continuous operational layer underpinning critical infrastructure, citizen data protection and public-sector resilience at scale.

Abdulla Ebrahim Al Ahmed, Chief Government & VVIP Relations Officer, e& UAE, said:“The UAE's digital ambitions are built on trust, resilience and national capability. As AI becomes embedded across government services and sovereign digital ecosystems continue to expand, cybersecurity must operate at the same speed and scale. Organisations today need security that is continuously adaptive, locally aligned and designed to protect critical infrastructure and citizen data in an AI-driven environment. Strengthening sovereign cybersecurity capabilities is key to enabling innovation while maintaining the trust that forms the foundation of the UAE's digital future.”

Post-Quantum Security Enters Strategic Planning Cycles:

Alongside immediate operational threats, the report highlights post-quantum security as an emerging long-term infrastructure priority.

As quantum computing advances, current cryptographic standards underpinning identity systems, financial infrastructure, cloud environments, and secure communications may face disruption.

For organisations building sovereign digital ecosystems designed to operate over multi-decade horizons, post-quantum readiness is moving from theoretical discussion to active planning consideration.

The report positions this transition as a foundational element of future digital trust infrastructure across the region.

Five Structural Shifts Defining the Cybersecurity Market:

Help AG identifies five key directional shifts shaping cybersecurity strategy across the GCC in 2026 and beyond:

From fragmented security tools to integrated resilience architectures From reactive defence to continuously adaptive, AI-driven operations From compliance-led programmes to measurable operational resilience From talent-centric models to automation and institutional learning From isolated national frameworks to coordinated GCC-wide resilience alignment

Together, these shifts define a broader transition toward what Help AG describes as Sustainable Cybersecurity – an always-on, adaptive security model designed to operate under continuous pressure, at machine speed, and in alignment with national resilience priorities.

Commentary:

Dr Aleksandar Valjarevic, Acting Chief Executive Officer, Help AG, said:“Across the GCC, AI and sovereignty are already reshaping how digital infrastructure is designed, secured and governed. The findings of this year's report show that cybersecurity must now operate continuously, at machine speed, and in direct alignment with national resilience priorities. For organisations, the focus is shifting from adding more tools to building adaptive, measurable and locally aligned security capabilities that can withstand sustained pressure.

About Help AG:

Help AG is the cybersecurity arm of e& (formerly Etisalat) and provides leading enterprise businesses and governments across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge. Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly known as Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

MENAFN10062026005446012082ID1111238127