With over 800,000 cyberattacks hitting the country every single day, the UAE isn't waiting for someone else to solve the problem. It's building the solution itself.

by Kasun Illankoon. Editor in Chief at Tech Revolt

There is a version of the future that cybersecurity experts have been warning about for years: one where a nation's hospitals go dark, its financial systems freeze, and its critical infrastructure buckles under the weight of an attack it never saw coming. It is not a hypothetical anymore. It is the operating reality for governments navigating the digital age, and the UAE is acutely aware of it.

Which is why, at the fifth edition of the Make it in the Emirates exhibition in Abu Dhabi this week, the country did something that few nations have managed to do with any real conviction: it announced a plan to build its own cybersecurity capabilities from the ground up, on home soil, powered by artificial intelligence, and answerable to no one but itself.

The initiative is called the UAE Cyber Factory, and it is a joint effort between the UAE Cyber Security Council and CPX Holding, the country's national strategic cybersecurity partner. The ambition behind it is considerable. The factory will design, build, and scale the next generation of the UAE's cyber defenses through advanced programs, technologies, and AI-powered systems, giving the country what its architects describe as end-to-end ownership of its digital security posture.

That phrase, "end-to-end ownership," is doing a lot of work here. In the global cybersecurity market, most nations rely heavily on foreign vendors for their most sensitive security tools. That dependency creates a vulnerability that is political as much as it is technical. If the vendor relationship sours, or if the tool itself contains a backdoor, or if the country's threat profile evolves faster than the vendor's product roadmap, there is very little a government can do. The UAE Cyber Factory is a direct answer to that structural problem.

His Excellency Dr. Mohamed Al Kuwaiti, Head of Cyber Security for the UAE Government, framed the announcement in terms that went well beyond defensive posture. "The launch of the UAE Cyber Factory signals a new phase of leadership, positioning the UAE as a global hub for advanced cybersecurity and a digital power shaping the future of the industry," he said. "In the face of rising global challenges, the UAE stands as a leading model that not only protects but also innovates and leads by developing advanced technologies capable of detecting, preventing and deterring cyber threats effectively."

The scale of what the UAE is defending against gives that language some necessary grounding. According to the UAE Cyber Security Council, the country is absorbing more than 800,000 cyberattacks every single day.

That number has a way of clarifying the urgency. These are not all sophisticated state-sponsored intrusions - the category spans phishing attempts and ransomware campaigns targeting individuals all the way up to coordinated attacks on government infrastructure. But the sheer volume means that the systems doing the detecting, the triaging, and the responding need to be faster, smarter, and more autonomous than any human team could manage alone. That is exactly where AI-powered defense becomes not a luxury but a necessity.

CPX Holding, the company partnering with the Cyber Security Council to bring the factory to life, has been building toward this kind of initiative for some time. As one of the region's leading providers of integrated cyber and physical security solutions, CPX occupies a position in the UAE's security ecosystem that makes it a natural fit for a project of this scope.

Its CEO, Hadi Anwar, was direct about what the factory represents. "The UAE Cyber Factory marks a major step toward a sovereign, future-ready cybersecurity ecosystem," he said. "It brings together local talent, advanced engineering and innovation built in the UAE. By enabling end-to-end capabilities and strengthening national ownership of digital defenses, it will help create a secure and resilient environment for government, businesses and citizens."

The word "sovereign" appears repeatedly in the way both the Council and CPX talk about this initiative, and it is worth sitting with that for a moment. Cyber sovereignty - the idea that a nation should control its own digital destiny, including its own security architecture - has become one of the defining geopolitical concepts of the 2020s. Countries across Europe, Asia, and the Gulf have been grappling with how to achieve it without retreating into technological isolationism. The UAE's answer, at least as articulated through the Cyber Factory, is to build the capability rather than borrow it.

This is also a workforce story. One of the less-discussed dimensions of the Cyber Factory is what it means for the next generation of Emirati cybersecurity professionals. Building and operating a homegrown capability of this scale requires engineers, analysts, threat researchers, and AI specialists who understand the country's specific threat landscape and can iterate on solutions in real time. The factory is, in that sense, as much an investment in human capital as it is in technology infrastructure.

The announcement also lands at an interesting moment for the broader global cybersecurity conversation. Nation-state attacks have grown more frequent and more brazen. Critical infrastructure targeting, once the preserve of a handful of sophisticated actors, has spread. The tools of offensive cyber operations have proliferated. In that environment, the countries that have invested in sovereign capability are faring measurably better than those that have not. The UAE appears to be drawing exactly that lesson.

What comes next for the UAE Cyber Factory will matter as much as the announcement itself. The real test of any initiative like this is execution: whether the AI systems it builds actually outperform what the market currently offers, whether the local talent pipeline develops at the pace the project requires, and whether the factory's outputs become genuinely competitive on a global stage rather than simply adequate for domestic use. The Council and CPX are clearly betting on the latter. Dr. Al Kuwaiti's language about the UAE becoming a "global hub" for advanced cybersecurity is not the language of a country building a moat. It is the language of a country that wants to export the solution.

Given what is at stake, the ambition is probably the right size for the problem.