Forcepoint Scales AI-Native Security in Middle East

Data security is moving into a different phase. Cybercrime costs are expected to hit $10.5 trillion every year, while company data grows by 20% annually because of new AI tools and cloud storage. Since information now moves constantly across different platforms, old security methods that rely on fixed rules or office network boundaries aren’t working anymore.

This change is clear in fast-growing economies like the Middle East. Here, data is no longer just a business asset; it has become basic infrastructure. In cities like Dubai and Riyadh, the digitization of the economy means that a single data breach can disrupt not just a company, but national services and consumer trust on a massive scale.

Forcepoint, a company specializing in AI-native protection, is reacting to this shift. By expanding into Dubai Internet City, they are moving toward a security model that prioritizes the data itself, regardless of where it travels. This expansion isn’t just about opening a new office; it’s a response to a regional demand for security that can keep up with rapid cloud adoption.

Dubai Internet City Continues to Attract Cybersecurity Leaders

Shifting to AI-native security requires more than software. It needs physical hubs where experts and infrastructure sit together. Dubai Internet City has filled that gap for twenty years. It now houses 4,000 companies and 31,000 workers, including teams from Oracle, Google, and Nvidia.

This environment functions as a pressure cooker for technical progress. When security engineers work in the same square mile as cloud providers and AI startups, they can address compatibility issues faster. Forcepoint joins about 150 other security firms in this district. This high density makes it easier for companies to find talent and partners on new projects.

In Dubai, security isn’t just a technical background task. As the government moves more services online, protecting data is a requirement for economic stability and following new laws. The D33 economic plan relies on this; digital growth only works if the systems can protect data across complicated, shared networks. If the goal is to double the size of Dubai’s economy over the next decade, the underlying data “pipes” must be secured against increasingly sophisticated automated attacks.

Data Security – The Need of the Hour

Most businesses now face a few simple realities. Data is scattered across different clouds and apps rather than sitting in one central server. Employees work from various locations (coffee shops, home offices, and airports) meaning the “perimeter” of the office no longer exists. AI tools are also creating new risks even as they help people work faster.

For instance, a marketing team might use a public AI tool to analyze a customer spreadsheet to find trends. If they aren’t careful, they are inadvertently uploading private company information or sensitive customer IDs to an external server that the company doesn’t control. Traditional firewalls can’t stop this because the employee has legitimate access to the file and the website.

Forcepoint’s platform focuses on the information itself rather than the connection. Their system uses a specific architecture called Data Security Everywhere, which includes these layers:

• AI-Powered Discovery (DSPM): Using a technology called AI Mesh, the system finds and labels data automatically. This goes beyond simple keyword searches. It uses small language models to understand the context of a file, helping IT teams see exactly where sensitive items (like unreleased financial reports or patient records) are stored across cloud accounts like OneDrive, Google Drive, or even shadow IT apps.
• Behavioral Monitoring (DDR): Data Detection and Response looks at how people use that data to spot intent. It monitors over 130 “Indicators of Behavior.” If an employee who usually only opens three files a day suddenly downloads thousands of records at 2:00 AM, the system flags this as a deviation from their normal baseline, which could indicate a compromised account or a “flight risk” employee.
• Risk-Adaptive Protection: This is the engine that changes security levels based on a real-time risk score (0-100). Instead of a rigid “yes or no” access policy, the system applies proportional responses. A low-risk user might get a helpful “coaching” pop-up, while a high-risk user might be allowed to view a file but prevented from printing, downloading, or uploading it to an unverified AI tool.

The Idea of “Self-Aware” Security

The term “Self-Aware Data Security” basically means the system knows what a file contains and who is touching it. It can then change protection levels on the fly. This matters because many data leaks aren’t from outside hackers wearing hoodies. They happen when someone with a legitimate password uses a database in a way they shouldn’t, whether by accident or on purpose.

Consider a manager who needs to access a budget file. If they do this from their office computer on a Tuesday morning, the system allows full access. However, if that same manager tries to open that file from a public Wi-Fi network in a different country, the system recognizes the increased risk. It might restrict their ability to download the file or require an extra step of identity verification.

Forcepoint is paying special attention to structured data. These are the organized records in databases that hold a company’s most sensitive details, like credit card numbers, medical records, or government ID numbers. These databases are often the primary targets for attackers because they are a “gold mine” of information. By applying AI to these environments, Forcepoint is trying to close a gap where traditional security tools often struggle to monitor deep database queries in real time.

Fixing Tool Overload and “Alert Fatigue”

A common problem in IT is having too many separate tools. Large companies often use 40 or 50 different security products that don’t talk to each other. One handles cloud files, another watches for employee mistakes, and a third tries to prevent data loss.

This fragmentation creates “blind spots.” An attacker might trigger a small warning in three different systems, but because those systems aren’t connected, no one realizes a major breach is happening. It also leads to “alert fatigue,” where security teams get thousands of notifications a day and eventually start ignoring them.

Forcepoint is trying to combine these functions into one interface. Instead of just sending an alert that a human has to read hours later, the system can stop a risky action immediately. For example, it could automatically encrypt a file the moment it detects it being moved to a personal USB drive. In an environment where AI moves data in seconds, waiting for a manual response from a human operator is often too late.

Strategic Growth and Regional Compliance

This expansion matches the current direction of the Middle East. Governments here are building their own AI infrastructure, and local data protection laws are becoming stricter. The UAE’s Personal Data Protection Law and Saudi Arabia’s PDPL have changed the rules for how companies must handle resident data.

There is now a high demand for security that can scale and adapt to these regulations without slowing down business operations. Companies cannot afford security that acts as a “speed bump” for productivity. They need systems that understand regional compliance requirements automatically.

Dubai Internet City provides the right environment for this. Since security firms are close to government offices, they can stay updated on new policy shifts. It also gives them access to a large pool of tech workers who understand the local market. This proximity helps in deploying these systems quickly across different sectors like banking, energy, and healthcare, where the stakes for data loss are highest.

What This Signals for the Future of Business

For any company in the region, the takeaway is that security is becoming a constant, data-centered process. The era of “set it and forget it” security is over.

• Policy must be dynamic: Fixed rules written six months ago can’t keep up with threats that evolve weekly.
• Context is everything: Simply seeing data isn’t enough; you need to understand who is accessing it, why they need it, and whether their current behavior matches their history.
• Speed is a requirement: Security has to move at the same speed as the data itself. If your security slows down your AI tools, your employees will find ways to bypass the security.

The average cost of a data breach is now $4.88 million. When you factor in the loss of reputation and legal fines, that number can grow much higher. As data footprints grow, the room for error with old security models is disappearing. Forcepoint’s move into Dubai is a practical step toward providing the kind of AI-driven protection needed for the region’s new digital infrastructure.

At Branex, we see this change reflected in how we build systems for our clients. We integrate these security layers, like threat detection and automated controls, directly into our solutions from the start. 

This ensures that as a business scales, its protection scales with it, preventing security from becoming a bottleneck to innovation. We focus on building systems that don’t just store data, but actively protect it based on the context of every single interaction.