Sophos announces intent to expand Middle East operations with new data centre in the UAE
Tenable research reveals widespread cloud misconfigurations exposing critical data
CISO news
Sophos announces intent to expand Middle East operations with new data centre in the UAE
S ophos, a global leader of innovative security solutions for defeating cyberattacks, has announced plans to launch a new data centre in the UAE by the end of 2025.
The expansion is part of Sophos’ broader regional investment strategy and reinforces its commitment to supporting the UAE’ s vision of becoming a global digital hub while enabling local organisations to benefit from enhanced performance, data sovereignty and regulatory compliance.
Hosted on Amazon Web Services( AWS) infrastructure within the UAE, the data centre will power Sophos’ advanced, cloud native security solutions – bringing improved performance, regulatory compliance and data sovereignty to organisations across the region.
Key benefits for local customers:
“ This launch reflects our mission to defend organisations of all sizes against inevitable cyberattacks with unmatched expertise and adaptive defences,” said Gerard Allison, Senior Vice President EMEA Sales at Sophos.“ By bringing local infrastructure to the UAE, we’ re delivering on our vision of enabling every organisation to achieve superior cybersecurity outcomes. This expansion supports our strategy of democratising, leveraging AI and automation and empowering our partners to scale securely.”
• Enhanced data sovereignty: Local hosting ensures adherence to national and sector-specific regulations – critical for industries like government, healthcare and finance.
• Improved performance: Reduces latency for faster responsiveness for cloud-based services, including Sophos Central.
• Enterprise and public sector readiness: Built to meet the high standards of mission-critical environments with advanced security and operational resilience.
Tenable research reveals widespread cloud misconfigurations exposing critical data
enable, the exposure management company, today
T released its 2025 Cloud Security Risk Report, which revealed that 9 % of publicly accessible cloud storage contains sensitive data. Ninety-seven % of such data is restricted or confidential, creating easy and prime targets for threat actors.
Cloud environments face dramatically increased risk due to exposed sensitive data, misconfigurations, underlying vulnerabilities and poorly stored secrets – such as passwords, API keys and credentials.
Key findings from the report include:
• Secrets found in diverse cloud resources, putting organisations at risk: Over half of organisations( 54 %) store at least one secret directly in Amazon Web Services( AWS) Elastic Container Service( ECS) task definitions – creating a direct attack path. Similar issues were found among organizations using Google Cloud Platform( GCP) Cloud Run( 52 %) and Microsoft Azure Logic Apps workflows( 31 %). Alarmingly, 3.5 % of all AWS Elastic Compute Cloud( EC2) instances contain secrets in user data – major risk given how widely EC2 is used.
• Cloud workload security is improving,
but toxic combinations persist: While the number of organisations with a‘ toxic cloud trilogy’ – a workload that is publicly exposed, critically vulnerable and highly privileged – has decreased from 38 % to 29 %, this dangerous combination still represents a significant and common risk.
• Using identity providers( IdPs) alone doesn’ t eliminate risk: While 83 % of AWS organisations are exercising best practices in using IdP services to manage their cloud identities, overly-permissive defaults, excessive entitlements and standing permissions still expose them to identity-based threats.
“ Despite the security incidents we have witnessed over the past few years, organisations continue to leave critical cloud assets, from sensitive data to secrets, exposed through avoidable misconfigurations,” said Ari Eitan, Director of Cloud Security Research, Tenable.
WWW. INTELLIGENTCISO. COM 11