Help AG, the cybersecurity arm of e& enterprise and the region’s leading Managed Security Services Provider (MSSP), unveiled its highly anticipated State of the Market Report 2025 on Day 1 of GISEC Global (May 6-8; Dubai World Trade Centre). The Help AG report explores how AI-driven attacks, data-centric threats, and quantum-readiness are reshaping enterprise and government security strategies across the GCC.
Distributed Denial-of-Service (DDoS) cyberattacks in the UAE surged from 38,797 in 2019 to 373,429 in 2024 — a staggering 862.45% increase, as observed by Help AG. The report reveals a sharp escalation not only in volume but also in sophistication, with attacks becoming more targeted and persistent. In one instance, a single DDoS attack lasted more than 35 days in 2024. While volumetric attacks were fewer, the strategic focus on government and critical infrastructure is raising significant alarm across the cybersecurity community.
Offering deep intelligence into the most pressing cyber trends across the UAE and Saudi Arabia, the State of the Market Report 2025 was unveiled at an exclusive media roundtable at GISEC Global.
Speaking at the sidelines of the launch, Stephan Berner, Chief Executive Officer of Help AG, said: “We are witnessing a shift from cybersecurity to cyber autonomy where systems don’t just defend, they decide. In a region driving the world’s most ambitious digital projects, automation alone is not enough. Autonomy, built on trust, intelligence, and sovereign infrastructure, is the new frontier.”
Nicolai Solling, Chief Technology Officer of Help AG, added: “Resilience in cybersecurity now means protecting the technologies shaping our future—AI, quantum computing, and the expanding digital ecosystem. At Help AG, we enable organizations to stay not only secure, but agile in the face of rapid innovation and growing complexity.”
KEY INSIGHTS – GCC
Escalating Threats from AI and Data Breaches
Help AG’s report highlights the rise of GenAI-powered phishing and impersonation attacks that are faster, stealthier, and harder to detect. Phishing remains the top threat vector, initiating 90% of incidents in 2024, while credential-based breaches were involved in nearly 45% of reported cases.
Ransomware has continued to evolve, with 66% of organizations in the GCC impacted and many facing ‘double extortion’ tactics. The consequences are not just operational as 36% of companies that suffered breaches reported board or C-suite fallout.
Data Exfiltration Increases
The Help AG report highlights the concerning rate of data exfiltration attacks, which are becoming more sophisticated, using stealthy tools like collaboration apps and cloud storage to siphon information undetected. Attackers are able to quietly steal data, making breaches harder to trace and more damaging. This shift demands advanced monitoring and tighter controls on outbound traffic and third-party integrations.
Quantum Risk on the Horizon
Help AG is calling on enterprises and government bodies to proactively adopt post-quantum cryptography, to protect long-life data assets against growing vulnerabilities. With a year-on-year spike of 236% in Security-as-a-Service adoption, increased cloud misconfigurations, and evolving Operational Technology/Internet of Things (IoT) threats, the Help AG report outlines a roadmap of priority investments.
TOP PRIORITIES FOR 2025
Securing AI Ecosystems and Critical Data: With GenAI-driven threats escalating, organizations must secure their AI models, Application Programming Interfaces (APIs), and sensitive data pipelines. Help AG highlights the urgent need for securing both human and machine users across the full AI lifecycle, backed by robust governance, API protection, and Software-as-a-Service (SaaS) observability.
Identity & Access Management (IAM): Strengthening IAM with adaptive authentication, behavioral monitoring, and advanced access controls is now foundational to defending critical assets.
Cloud Security Posture Management (CSPM): Cloud misconfigurations and human error remain leading causes of breaches. Robust CSPM strategies help organizations proactively identify, prioritize, and remediate risks across multi-cloud environments, supporting secure, compliant growth.
AI-Powered Detection and Response (UEBA/NDR): As cyberattacks grow more sophisticated, AI-driven solutions like User and Entity Behavior Analytics (UEBA) and Network Detection and Response (NDR) are critical for real-time threat detection, insider risk management, and adaptive incident response.
Quantum-Readiness Assessment and Strategy Development: While quantum computing threats are still emerging, Help AG stresses the need to act now. Organizations must assess crypto-inventories, prioritize migration planning, and integrate post-quantum security into long-term strategies to protect high-value assets.
Cybersecurity Consolidation and Platformization: With complexity becoming a major risk, organizations are accelerating cybersecurity consolidation—favoring unified platforms that integrate detection, response, threat intelligence, and compliance. Help AG’s report shows a strong shift toward multi-year OPEX-driven models and managed security services, aligning investments to business outcomes.
Building Cyber Resilience by Design: In today’s world, cyber resilience defines competitive advantage. Help AG advocates investing in integrated backup, recovery, Digital Forensics and Incident Response (DFIR) capabilities, and managed cyber defense services—ensuring organizations can contain, recover, and thrive after incidents, not just prevent them.
The full State of the Market Report 2025 is now available at https://www.helpag.com/state-of-the-market-report-2025/.