Tech News
Proofpoint’s 2024 Voice of the CISO Report: More Than Two-Thirds of CISOs in the UAE Feel Prepared for Targeted Cyber Attacks
89% of UAE CISOs are turning to AI-powered technology to protect against human error and block advanced human-centric cyber threats
Proofpoint, a leading cybersecurity and compliance company today released its annual Voice of the CISO report, which explores key challenges, expectations and priorities of chief information security officers (CISOs) worldwide.
The 2024 report draws attention to a notable trend: while fears of cyber attacks remain high, CISOs in the UAE demonstrate increasing confidence in their ability to defend against these threats, reflecting a significant shift in the cybersecurity landscape. Over two-thirds (70%) of surveyed CISOs in the UAE feel at risk of a material cyber attack over the next 12 months, compared to 75% the year before, and 44% in 2022. CISOs today clearly remain on high alert, but confidence among them is growing: just 34% feel unprepared to cope with a targeted cyber attack, showing a marked decrease over last year’s 57% and 47% in 2022.
Human error continues to be perceived as the Achilles’ heel of cybersecurity, with more than three-quarters (76%) of CISOs in the UAE identifying it as the most significant vulnerability. In a year of growing insider threats and people-driven data loss, more CISOs in the UAE than ever (83%) see human risk, in particular negligent employees as a key cybersecurity concern over the next two years. However, there’s growing optimism in the role of AI-powered solutions to mitigate human-centric risks, reflecting a strategic pivot towards technology-driven defenses.
The 2024 Voice of the CISO report examines global third-party survey responses from 1,600 CISOs from organizations of 1,000 employees or more across different industries. Throughout the course of Q1 2024, 100 CISOs were interviewed in each market across 16 countries: the U.S., Canada, the UK, France, Germany, Italy, Spain, Sweden, the Netherlands, UAE, KSA, Australia, Japan, Singapore, South Korea, and Brazil.
The report offers a vital perspective on the state of cybersecurity from those at the forefront of protecting people and defending data. The report also stresses the importance of maintaining robust cybersecurity measures in the face of economic pressures and the critical role of human factors in organizational cyber readiness. The survey also measures the changes in alignment between security leaders and their boards of directors, exploring how their relationship impacts security priorities.
“As we navigate through the complexities of today’s cyber threat environment, it’s encouraging to see CISOs in the UAE gaining confidence in their strategies and tools,” commented Emile Abou Saleh, Senior Regional Director, Middle East, Turkey, and Africa at Proofpoint. “However, the ongoing challenges of employee turnover, pressure on resources, and the need for continuous board engagement remind us that vigilance and adaptation are key to our collective cyber resilience.”
Key global findings from Proofpoint’s 2024 Voice of the CISO report for the UAE include:
- Human error still tops cyber vulnerability threats but CISOs in the UAE turn to AI solutions to help. This year, we are seeing an uptick in the number of CISOs in the UAE who view human error as their organization’s biggest cyber vulnerability—76% in this year’s survey vs. 59% in 2023. However, 87% of CISOs believe that employees understand their role in protecting the organization. This confidence is higher than in previous years—56% in 2023 and 51% in 2022. This may be attributed to the 89% of UAE CISOs surveyed looking to deploy AI-powered capabilities to help protect against human error and advanced human-centered cyber threats.
- CISOs in the UAE continue to fear cyber-attacks but fewer feel unprepared, showing growing confidence in their security measures. In 2024, 70% of CISOs surveyed in the UAE feel at risk of experiencing a material cyber-attack in the next 12 months, compared to 75% in 2023 and 44% in 2022. However, just 34% feel their organization is unprepared to cope with a targeted cyber-attack, compared to 57% in 2023 and 47% in 2022.
- Generative AI tops CISOs security concerns in the UAE. In 2024, 49% of CISOs surveyed in the UAE believe that generative AI poses a security risk to their organization. The top three systems CISOs view as introducing risk to their organizations are: Microsoft 365 (50%), Perimeter network device (45%), Slack/Teams/Zoom/other collaboration tools (43%) and ChatGPT/other genAI (40%).
- Employee turnover is still a concern, yet CISOs in the UAE trust their defenses. In 2024, 45% of security leaders reported having to deal with a material loss of sensitive data in the past 12 months, and of those, 64% agreed that employees leaving the organization contributed to the loss. Despite those losses, 83% of CISOs believe they have adequate controls to protect their data.
- The majority of CISOs in the UAE have adopted DLP technology and invested more in security education. 51% of CISOs surveyed in the UAE, in 2024 have data loss prevention technology (DLP) in place compared to just 45% in 2023. More than half (55%) of CISOs surveyed invested in educating employees on data security best practices which is higher in 2024 compared to 2023 (41%).
- Cloud account compromise and ransomware top CISO concerns in the UAE. The biggest cybersecurity threats perceived by CISOs in 2024 are cloud account compromise (Microsoft 365 or G Suite or other) (44%), ransomware attacks (42%) and malware (42%). These top threats are different from last year in which CISOs perceived distributed email fraud, cloud account compromise (Microsoft 365, G Suite or other), malware and smishing/vishing as the biggest threats.
- Steady stance on ransom payments with increased reliance on cyber insurance in the UAE. In 2024, 64% (59% in 2023) of CISOs in the UAE believe their organization would pay to restore systems and prevent data release if attacked by ransomware in the next 12 months. 76% of CISOs said they would rely on cyber insurance claims to recover potential losses incurred, compared to 56% in 2023.
- The Board-CISO relationship has improved significantly in the UAE. In 2024, 80% of CISOs agree their board members see eye-to-eye with them on cybersecurity issues. This is a significant jump from 63% in 2023, and 47% in 2022.
- Pressures on CISOs in the UAE are unrelenting. In 2024, 69% of CISOs in the UAE admitted to burnout compared to 59% last year, while 87% feel they face excessive expectations, a steady increase from 59% last year and 38% in 2022. The sustainability of the ongoing expectations on CISOs continues to be tested—69% are concerned about personal liability (60% in 2023) and 74% (56% in 2023) would not join an organization that does not offer Directors & Officers (D&O) insurance coverage. In addition, 63% of CISOs agreed that the current economic downturn has hampered their ability to make business-critical investments, with 49% of them being asked to cut staff or delay backfills as well as reduce security budgets.
“While the cybersecurity landscape continues to evolve with increasing human-centric threats, the 2024 Voice of the CISO report highlights what appears to be a pivotal shift towards greater resilience, preparedness and confidence among global CISOs,” said Patrick Joyce, global resident CISO at Proofpoint. “This year’s findings underscore a collective move towards strategic defenses, including enhanced education, technological adoption, and an adaptive approach to emerging threats like generative AI.”
Tech News
UNGOVERNED AI AGENTS AND SOPHISTICATED DEEPFAKES POSE CRITICAL THREATS FOR THE UAE & SAUDI ARABIA ORGANISATIONS, NEW KNOWBE4 RESEARCH WARNS
KnowBe4, the global leader in digital workforce security, securing both AI agents and humans, today announced the launch of its new research report, “From Agentic Risk to Human Wins: Building a Culture of Security in the Era of Agentic AI.” The findings expose a dangerous reality for modern organisations in the United Arab Emirates and Saudi Arabia: autonomous AI tools are expanding the corporate attack surface faster than security teams can implement guardrails.

With agentic AI now widely embedded in day-to-day work, 84% of cybersecurity leaders in the UAE & Saudi Arabia report that AI agents are already taking actions within organisational workflows. However, a lack of governance is leaving organisations exposed; the report shows that around 1 in every 4 organisations (24%) report their use of AI is unapproved or ungoverned. This unmanaged “Shadow AI” effectively operates as an invisible layer of shadow employees handling sensitive organisational data without oversight.
Key Findings from the Report:
- 88% of employees in the UAE & Saudi Arabia say that deepfake voice and video content is now so realistic it is impossible to know what to trust and 52% openly admit they could be tricked by a deepfake scam at work.
- More than half (54%) of cybersecurity leaders in the UAE & Saudi Arabia report that mistakes during everyday work have had the greatest impact on their organisation’s cybersecurity in the past 12 months. Compounding this, 44% of employees acknowledge that time pressures and workplace distractions actively drive them to make critical security mistakes, even when they know the safe protocol.
- 36% of cybersecurity leaders in the UAE & Saudi Arabia identify AI-enabled attacks as a key driver of future human-related cybersecurity risks.
- 41% of employees reported that they commonly source their own agentic AI tools where options are unavailable or restrictive, leaving organisations vulnerable to cyberattacks. Concurrently, 52% of cybersecurity leaders report that the use of unsanctioned software and AI apps has actively impacted their security posture over the past 12 months.
- Although 76% of security leaders feel “very well prepared” to handle unexpected or emerging AI-driven threats over the next year, 84% of them confirmed that improvements are still needed to ensure AI tools and agents operate within organization’s security policies and approved risk limits.
The report shows that organisations making progress are those who prioritise cybersecurity as a culture over a mere function, seamlessly incorporating secure behaviours into daily work. These organisations are creating environments where employees feel safe reporting mistakes, with 82% of employees agreeing.
“Cybersecurity has entered a volatile phase where organisations are trying to secure a hybrid human and AI workforce that’s changing more quickly than security leaders can keep up,” said Dr. Martin Kraemer, CISO Advisor at KnowBe4. “Attackers are moving at machine speed, using attacks such as deepfakes to target employees and prompt injections to hijack AI agents. Leaving almost a quarter of your corporate AI usage ungoverned is a massive open invitation to threat actors.”
The “From Agentic Risk to Human Wins: Building a Culture of Security in the Era of Agentic AI” report concludes that achieving “Wins” requires organisations to design systems that guide behaviour, build supportive cultures, and shift from tracking failures to reinforcing positive actions, and extending a security-first mindset across both AI agents and humans.
Tech News
Cequence Platform 9.0 Puts an AI Security Expert in Every Team’s Hands
Cequence Security, the leader in application, API, and agentic AI protection, today announced general availability of Cequence Platform 9.0, an AI-native release that fundamentally changes how users interact with API security tools. Platform 9.0 ships with a built-in AI Assistant, an open Model Context Protocol (MCP) server that exposes every platform capability to an organization’s agents or automation workflows, a compliance-ready risk rules library mapped to 25 global regulatory frameworks, and a re-architected API security engine built to handle the largest enterprise API estates without performance degradation.
Agentic AI is transforming how enterprises interact with their customers, and internal IT teams are adopting AI agents faster than their security tools can keep up. Unlike vendors that add a simple chatbot to their existing product, Cequence took the opposite approach; the entire platform is AI-native and open, enabling customers to use Cequence’s built-in model or one of their choosing. With Platform 9.0, any practitioner can open a conversation and start asking the questions they actually care about, without knowing the interface, navigating menus, or understanding how the product works. The platform finds the answers. Teams with sophisticated AI workflows can use their own agents to directly drive these same capabilities through the open MCP architecture, without the need for custom integration.
Ameya Talwalkar, CEO and Co-Founder at Cequence, said: “Most vendors looked at the agentic era and added a chatbot. We looked at it and rebuilt the architecture. Cequence Platform 9.0 exposes the entire Cequence platform through an open MCP architecture so any agent can operate it directly, whether through our built-in AI Assistant, or a customer’s own agent. That is what AI-native actually means: the UI becomes optional. We are building for the way the agentic enterprise already works, while making sure a human approves every change along the way.”
AI-Native Platform with a Built-In AI Assistant
Cequence Platform 9.0 ships with a built-in AI Assistant that answers plain-language questions such as “What is my biggest risk right now?” with ranked, evidence-backed findings drawn from live platform data. Unlike most security chatbots that only deliver value in the hands of experienced practitioners, the Cequence AI Assistant arrives with skills built on years of application, API, and data protection work in high-traffic enterprise environments, able to guide practitioners of all skill levels from day one.
Agent capabilities in Platform 9.0 include:
- Drive valuable actions from simple conversations: use plain-English to easily and quickly drive results. Have the AI Assistant classify APIs, identify risks, draft rules, and create reports, all without navigating the UI.
- Open MCP server: any MCP-capable agent, SOAR platform, or automation workflow can interact with, configure, and pull insights from the platform through an open API contract, with no custom integration, incorporating API security into broader agentic workflows
- Human in the loop: read actions run freely; every proposed write shows the exact change and requires explicit human approval before anything happens
- Full transparency: every answer exposes the AI Assistant’s reasoning and the underlying tool calls; when it lacks a tool for a task, it says so rather than guessing
Shreyans Mehta, CTO and Co-Founder at Cequence, said: “Most security chatbots are only as useful as the person asking the questions, which means they fall flat in the hands of anyone who is not already an expert. We built the Platform 9.0 agent differently. It runs a full agentic loop, planning which tools answer the question, calling them, and synthesizing ranked, evidence-backed recommendations while showing you exactly how it got there. When it does not have the tool to do something, it tells you instead of guessing. That governance-first design is not an afterthought. It is the same conviction behind the Cequence AI Gateway, and it is what makes this safe to put in front of any practitioner from the start.”
Compliance-Ready Risk Rules and Compliance Packages
Compliance is the most common forcing function for an API security purchase, and the most common place programs stall. Platform 9.0 ships the rules, frameworks, and reports to make customers audit-ready immediately, with no professional services and no custom rule development required.
Compliance capabilities in Platform 9.0 include:
- 250+ pre-built risk rules: Mapped to 25 global compliance frameworks including OWASP API Security Top 10 (all versions), PCI DSS, GDPR, HIPAA, SOC 2, ISO 27001, NIST CSF, DORA, NIS2, LGPD, SAMA, MAS TRM, and additional regional frameworks across the Americas, EMEA, and APAC
- One-click audit-ready reports: each report builds from live data, maps findings to the framework’s specific controls, scores risk by control area, and provides remediation guidance for every gap; reports can be company or partner branded
- Observe mode: see how proposed rules perform for testing purposes without raising formal issues, allowing teams can add frameworks without a flood of unreviewed findings
- Test panel: validates any rule against sample request and response data before activation
Re-Architected API Security Engine Built for Enterprise Scale
Agentic AI is accelerating API endpoint growth faster than any prior technology wave. Platform 9.0 includes a complete rebuild of the engine that discovers, catalogs, and scores risk across an organization’s API estate, delivering higher performance at a smaller CPU footprint.
API security engine improvements in Platform 9.0 include:
- 50x increase in API endpoints supported: with sub-five-second page load times across every view regardless of endpoint count
- Reduced compute costs: dramatic CPU footprint improvements translate directly into lower infrastructure costs, especially for on-premises deployments
Tech News
Magna AI and Saudi Xerox Establish Strategic Framework to Advance Sovereign AI Infrastructure Across Saudi Arabia
Magna AI, Inc., the global integrated‑value‑chain sovereign AI transformation leader established through a partnership between Trend Micro and Wistron Digital Technology Holding Company (WDH), powered by NVIDIA, today announced a strategic collaboration with Saudi Xerox, official representation of Xerox Trading Company in Saudi Arabia that is redefining the workplace experience by providing solutions to improve business processes, automation, and printing technology. The initiative was formalized during the Global AI Show 2026 in Riyadh by Dr. Moataz BinAli, Chief Executive Officer of Magna AI, and Mehmet Sezer, General Manager of Saudi Xerox.
The strategic framework will enable both companies to advance AI data centres, sovereign AI Factory capabilities, secure AI platforms and large-scale AI adoption for both government-led national initiatives and enterprise customers. The collaboration is aligned with Saudi Arabia’s digital transformation agenda and Vision 2030 objectives, with a focus on enabling secure, scalable, and locally relevant AI adoption across the public and private sectors.
The collaboration comes amid rapid expansion of the Kingdom’s AI infrastructure sector. Saudi Arabia’s AI data center market is forecast to grow from USD 0.63 billion in 2025 to USD 1.74 billion by 2030, representing a compound annual growth rate of over 22%, according to Mordor Intelligence. This growth is driven by Vision 2030 digital investment, government data-sovereignty mandates, and rising demand for locally hosted AI workloads.
“Saudi Arabia is building one of the most ambitious national AI agendas in the world, and that requires infrastructure with governance and security built in, shaped around the organization’s own requirements rather than a vendor’s defaults which creates the conditions for genuine long-term control,” said Dr. Moataz BinAli, Chief Executive Officer, Magna AI. “By combining Magna’s full value-chain AI Factory capabilities with Saudi Xerox deep on-ground presence in the Kingdom, we can help government and enterprise organizations move from AI ambition to AI at scale on infrastructure they own and control. This alliance also reflects our commitment to working with local partners to build the AI capacity, resilience, and ecosystem required to support long-term national transformation.”
Under the agreement, Magna AI will drive AI Factory architecture, platform development, AI security, and governance frameworks, while Saudi Xerox will support local infrastructure integration, security operations, compliance alignment and on-ground execution across the Kingdom.
The two companies intend to collaborate across several areas, including sovereign AI Factory development for large-scale model training, fine-tuning, inference, agentic AI operations, and data pipelines; secure AI operations aligned with Saudi data-residency and cybersecurity requirements; sector-specific AI applications for government and enterprise; and AI skills development and capacity building.
“Saudi Xerox is committed to supporting the Kingdom’s digital transformation through advanced IT, cloud, managed services, and cybersecurity capabilities,” said Mehmet Sezer, General Manager, Saudi Xerox. “This joint effort brings together Magna’s AI platform and security expertise with our established services and execution capabilities in Saudi Arabia, enabling national institutions and enterprises to adopt advanced AI with confidence and in line with local regulatory requirements. Our aim is to help organizations to adopt AI in a secure, compliant, and practical way that supports measurable business and national outcomes.”
Magna AI is the Title Sponsor of the Global AI Show 2026. Throughout the two-day event, Magna AI is showcasing is its sovereign AI infrastructure and enterprise AI platforms, as well as it’s security and industry-focused solutions. Magna AI leaders are also offering perspectives to organizations across industries looking to build production-ready AI that delivers measurable business outcomes.
-
News11 years ago
SENDQUICK (TALARIAX) INTRODUCES SQOOPE – THE BREAKTHROUGH IN MOBILE MESSAGING
-
Trending8 months agoOPPO A6 Pro 5G Review: Reliable Daily Driver
-
Tech News2 years agoDenodo Bolsters Executive Team by Hiring Christophe Culine as its Chief Revenue Officer
-
VAR1 year agoMicrosoft Launches New Surface Copilot+ PCs for Business
-
Automotive2 years agoAGMC Launches the RIDDARA RD6 High Performance Fully Electric 4×4 Pickup
-
Tech Interviews2 years ago
Navigating the Cybersecurity Landscape in Hybrid Work Environments
-
Tech News12 months agoNothing Launches flagship Nothing Phone (3) and Headphone (1) in theme with the Iconic Museum of the Future in Dubai
-
VAR2 years agoSamsung Galaxy Z Fold6 vs Google Pixel 9 Pro Fold: Clash Of The Folding Phenoms


