As cyberthreats intensify across the Middle East, the expansion of data centres, AI adoption and evolving regulations are reshaping how organisations approach risk management and resilience. Simon Bell, Cyber Practice Leader, Marsh, Middle East and Africa, tells us how businesses can strengthen their cyberinsurance strategies, address regulatory challenges and build longterm resilience in a rapidly changing digital landscape.

From your perspective at Marsh, what are the most pressing cybersecurity risks emerging in the region, both from the rapid expansion of data centres and AI capabilities, and from the current geopolitical situation?

The rapid expansion of data centres and AI capabilities in the UAE is creating a broader attack surface for organisations. The increasing number of data centres and in turn connections creates a huge number of potential opportunities for cyberattackers to penetrate systems. We’ ve seen reports from the Dubai Cyber Security Council of over 200,000 attacks being repelled daily, which highlights the massive increase in the overall threat environment.

From a more general perspective, the frequency and severity of cyberincidents have continued to rise over the last few years. There has been more public discussion in the Middle East and the UAE about these incidents, which points to a maturing market and greater client awareness. People are now realising that cyber-risks are global and that they can be impacted by them here in MENA, particularly given the interdependence on different cloud computing providers and data hosting services.

They are beginning to build this awareness into their risk management processes. A particularly significant development across the GCC, and specific to the UAE, is the implementation of new privacy regulations. Saudi Arabia has already implemented these, and we know of rumoured fines that have been issued under the new legislation.

Oman and Bahrain also have active regulations. While the executive regulations for the UAE are still pending, the high-level details published so far are very similar to GDPR. This evolution shows a continued focus on sophistication and ensuring that data is protected appropriately through new regulations on its processing and storage.

Recent news has highlighted that the adoption of cyberinsurance and

WWW. INTELLIGENTCISO. COM 15