A surge in cyberattacks, physical strikes on cloud infrastructure and the growing use of AI by both attackers and defenders are forcing Gulf states to rethink how they protect critical digital infrastructure.
The importance of enhancing operational resilience across the Gulf has taken on new urgency since the outbreak of the U.S.-Iran war on February 28.
In the UAE alone, daily cyberattack attempts surged from roughly 200,000 to as many as 700,000 as geopolitical tensions flared over recent months. Last week, the UAE’s financial sector was targeted by a wave of sophisticated cyberattacks.
While they were successfully thwarted, the country’s Cyber Security Council noted that cybercriminals are increasingly using AI to develop more advanced techniques.
A report published last month by Help AG, the cybersecurity arm of UAE telecoms operator e&, highlighted how AI has emerged as a force multiplier, enabling attackers to accelerate reconnaissance and adapt techniques in real time.
As a result, attack lifecycles are compressing. In the first quarter of 2026, Help AG observed how the use of AI has allowed bad actors to complete attacks 65% faster than before, with some causing damage less than 40 hours after first gaining access.
Read more: GCC debt markets have rallied since the ceasefire, but tight liquidity remains a key hurdle
“The signal across global research is consistent: attackers are compressing the attack lifecycle,” the report authors noted. “The Middle East reflects the same pattern—but under higher exposure intensity.”
The rapid digital transformation taking place across the region has increased its exposure to cyberattacks, often leading to more severe economic consequences.
According to a recent IBM report, the average cost of a data breach in the Middle East stood at $7.29 million in 2025—significantly above the global average of $4.44 million.
Information security spending across MENA is expected to reach $4.07 billion in 2026, up 10.1% from 2025, according to Gartner.
In the GCC, sectors such as financial services, energy, logistics, and government are increasingly operating within automated, highly interconnected digital ecosystems, making them particularly vulnerable to attacks.
This vulnerability is accelerating a shift from traditional, reactive security models to continuous, adaptive systems that support broader national security objectives.
“Organizations today need security that is continuously adaptive, locally aligned and designed to protect critical infrastructure and citizen data in an AI-driven environment,” said Abdulla Ebrahim Al Ahmed, chief government relations officer at e& UAE.
Across the UAE and Saudi Arabia, cybersecurity is increasingly being built into infrastructure planning, with sovereign cloud and locally governed systems becoming core design priorities. Sovereign cloud is a specialized cloud computing environment designed to ensure an organization’s data, metadata, and infrastructure remain entirely within a specific legal jurisdiction.
Meanwhile, AI has emerged as a transformative force in cybersecurity, reshaping both offensive tactics and defensive capabilities.
While bad actors are increasingly deploying AI to scale and automate their operations, organizations are also leveraging the technology to improve threat detection and accelerate response times.
“Across the GCC, AI and sovereignty are already reshaping how digital infrastructure is designed, secured, and governed,” said Aleksandar Valjarevic, acting CEO of Help AG.
“The findings of this year’s report show that cybersecurity must now operate continuously, at machine speed, and in direct alignment with national resilience priorities. For organizations, the focus is shifting from adding more tools to building adaptive, measurable and locally aligned security capabilities that can withstand sustained pressure.”
The report also noted that collaborative security models are becoming more common across the GCC, particularly in government and critical infrastructure sectors.
Cybersecurity spending across the GCC is projected to surpass $9.6 billion by 2032 in response to the increased threat, up from $5.9 billion in 2025, according to business consulting firm P&S Intelligence.
For a region that has set its sights on becoming a global AI hub, the U.S.-Iran war has exposed the geopolitical vulnerability of the Gulf’s digital infrastructure.
In early March, two Amazon Web Services (AWS) data centers in the UAE were directly struck by drones, while one of its centers in Bahrain was damaged by a nearby drone strike.
The attacks forced all three centers offline and triggered outages across banking, payments, delivery apps, and enterprise software throughout the region. AWS was forced to transfer computing workloads to other regions and said that it expected the recovery to be “prolonged, given the nature of the physical damage involved.”
The strikes were significant for marking the first time that military attacks had directly targeted and disrupted the data center operations of a major U.S. tech company. AWS’ services in Bahrain have since been targeted in further drone strikes and sustained damage as a result.
Sam Winter-Levy, technology and international affairs fellow at the Carnegie Endowment for International Peace think tank, has warned that physical attacks on data centers “are only going to become more common moving forward as AI becomes more and more significant.”
Major U.S. technology companies, including Microsoft, Google and Oracle, operate extensive cloud infrastructure across the Gulf. Given Iran’s repeated threats against these facilities, data centers are widely regarded as potential targets in the event of escalating regional tensions.
This may lead GCC governments to expand their own data center development plans across multiple sites, instead of relying on a handful of hyperscale campuses, as well as building greater redundancy into networks.
Meanwhile, rising security spending and insurance premiums will likely translate into increased costs of building and operating such facilities across the region.
“Given the central role of digital infrastructure in national development strategies across the region, the current situation in the Middle East further underscores the need to develop insurance frameworks that account for potential regional instability,” said Elizabeth Heyes, junior technology fellow at the Observer Research Foundation Middle East, in a report published last month.
“What makes these risks more challenging is not just their scale, but their interconnected nature: disruptions rarely remain contained, instead cascading across supply chains, financial systems, and physical infrastructure. This raises the question of who ultimately bears the cost, and whether existing systems that insure against disruption are equipped to absorb it.”
The Gulf has made significant progress in fortifying its cyber resilience and digital infrastructure, but many argue that its insurance frameworks have not kept pace with the growing systemic risks posed by today’s cybercriminals.
While cyber insurance is growing in the UAE and Saudi Arabia, penetration remains low compared with more mature markets such as the US and UK. Many businesses, particularly smaller firms, remain underinsured.
Furthermore, many cyber policies exclude or limit coverage for acts of war, state-sponsored cyberattacks or widespread infrastructure failures. These exclusions have become more prominent as geopolitical tensions have increased and now need to be addressed.












