As the race to localise cloud infrastructure intensifies across the Middle East, the UAE and Saudi Arabia have emerged as clear leaders. The two countries now host 56 and 43 data centres respectively, according to Data Center Map, and both are proactively building sovereign cloud infrastructure capable of powering AI workloads and meeting tightening data localisation mandates. For global cybersecurity firm Sophos, this backdrop presents not just an opportunity—but a strategic imperative.
To strengthen its position in the region, Sophos has announced plans to launch a new data centre in the UAE, hosted on AWS, by the end of the year. The move is a response to mounting demand from public and private sector organisations for compliant, low-latency cybersecurity solutions hosted within national borders.
“The most important reason for doing that is because we’ve listened to customers and partners,” says Gerard Allison, Senior Vice President for Europe, Middle East, and Africa at Sophos. “They’ve always made the point that data sovereignty is becoming more and more important for UAE across local compliance, particularly in the public sector area. So data sovereignty is actually the key to the future.”
Governments in the UAE, Saudi Arabia, and beyond are tightening regulations around data sovereignty, particularly for sensitive categories like personal, financial, and health data. This has triggered a surge in demand for in-region cloud and security services. Sophos’ upcoming UAE facility is designed to meet these evolving needs, while enabling faster delivery of its cloud-native platform.
“We are a cloud-native and security solution, so we have our central platform which manages all our products,” Allison explains. “So we’ll be hosting that on AWS… It’s going to give reduced latency and openness, a faster response to the cloud, which will allow them to add more cloud services into their organisation, while holding the data in the region.”
The deployment is also in line with regional digital transformation and AI ambitions. Saudi Arabia has set a goal for AI to contribute 12.4% of GDP by 2030, while the UAE expects AI to generate a 14% economic uplift by the same year. These strategies require immense, locally hosted computing power—and Sophos aims to be part of that backbone.
“I’ve been coming to this region for over 25 years now,” says Allison. “Sophos has always invested in the region and seen the potential. And I think there’s another phase of potential that’s happening that we really want to make sure we continue to invest in as well.”
The decision to partner with AWS reflects Sophos’ global infrastructure strategy. “All our data centres all over [the world] are within AWS,” he says. “So it’s just a global relationship we have… When we look to expand, we always expand via AWS as a company.”
But while the infrastructure is foundational, Sophos’ regional success has long been built on its channel-first model. “Our partners are the most critical to Sophos and to our customers as well,” says Allison. “We are a partner-first organisation—always have been. One hundred percent of our business goes through partners to end customers.”
Sophos supports a broad range of channel partners, including system integrators, MSPs, OEMs, and value-added resellers. Its MSP Elevate programme, launched earlier this year, is designed to deepen engagement with MSPs, offering bundled MDR services, simplified sales processes, rebates tied to performance, and access to more advanced security solutions.
“We’ve also launched our MSP Elevate Program, which gives [MSP] partners… more exposure to multiple areas of benefits, whether that be an MDR bundle… to make it even easier for them to add customers,” Allison explains.
What sets Sophos apart, he adds, is its vendor-agnostic approach. “We are a vendor-agnostic company, so we have over 350 integrations across multiple platforms—companies that compete with us as well. We make sure that the investments that partners have made have longevity.”
This flexibility has proven especially valuable amid a global shortage of cybersecurity talent. “When I think about the region, without doubt, there’s a skill shortage across the whole of cybersecurity—in fact, there’s a shortage worldwide,” he says. “So no matter what company you’re selling to, we need to understand the value that you can give them.”
In markets like the UAE and Saudi Arabia, many MSPs now serve as outsourced CISOs for their clients, handling not just day-to-day protection but also compliance and governance. “We want to make sure that every customer of every size has the right security posture and is able to manage and secure themselves,” says Allison. “We really tailor the solution to the right size of organisation.”
AI also plays a central role in this vision. “AI has been a part of our platform since 2016,” he says. “We have an adaptive AI-native platform that runs across the whole protection of our customer base. But clearly, it’s not just about having AI—it’s about bringing it together with human expertise. AI doesn’t solve it by itself.”
By combining AI telemetry from more than 600,000 global customers with expert threat response, Sophos offers proactive defence across customer segments—from SMBs to enterprise. With the new UAE data centre, that power will soon be even closer to home.
“From a region perspective: expansion,” Allison concludes. “We’re expanding people into the region… Channel partners can expect us to continue to enhance programmes to complement the way they go to market… and stand shoulder to shoulder to go and beat the bad actors that are out there.”
Discussion about this post