Market Research
GDPR Fines Hit Nearly €100 Million in H1 2022

The General Data Protection Regulation (GDPR) is a regulation in the EU that controls how all personal data on EU citizens is collected and processed. The legislation covers various privacy aspects, from cookies to monitoring employees in the workplace.
Worth noting that if a company outside of the EU gathers data from users inside the EU, it must adhere to the GDPR. Those who fail to comply with the GDPR requirements receive hefty fines. An analysis by Atlas VPN reveals that GDPR fines hit a total of €97.29 million in the first half of 2022, an increase of 92% over H1 2021.
The data for the analysis is extracted from Enforcementtracker. Please note that not all penalties are made public. The chart below shows monthly GDPR fines for H1 2021 and H1 2022. Companies and individuals were charged a total of €50.6 million in GDPR penalties in H1 2021. On the other hand, legal cases slightly decreased from 215 in 2021 to 205 in 2022.
In other words, even though the number of GDPR violations slightly decreased in 2022, the severity of those violations was considerably worse. The most noticeable difference between 2021 and 2022 can be seen in February, where the total amount penalized differs by nearly €28 million.
On the other hand, there is a distinctive trend throughout both years – around 70% of fines happen throughout the first quarter. In June 2021, the State Commissioner for Data Protection (LfD) of Lower Saxony imposed a fine of €10.4 million on notebooksbilliger.de AG. The German company had monitored its employees by video for at least two years without any legal basis.
The inadmissible cameras recorded, among other things, workplaces, sales rooms, warehouses, and common areas. The company countered by stating that surveillance aimed to prevent and investigate crimes and track goods in warehouses.
However, video surveillance is only lawful when justified suspicion against specific individuals exists. If that is the case, it is allowed to monitor them with cameras for a particular period. Yet, in this case, the monitoring was not limited to specific employees or a time.
In May 2022, the Information Commissioner’s Office (ICO) fined Clearview AI Inc £7,552,800 for using images of people in the UK and elsewhere collected from the web and social media to create a global online database that could be used for facial recognition. Clearview AI Inc has collected more than 20 billion images of people’s faces and data from publicly available information. It did not inform any persons that their images were being collected or used this way.
In addition, the company effectively monitors the behaviour of those individuals and offers it as a commercial service. The GDPR was necessary because the old laws were written before the emergence of new technologies, like smartphones and tablets, which meant that users were not protected against enterprises abusing their personal information.
Luckily, the GDPR gave individuals more clarity on how and why businesses use their data. In addition, the GDPR also considerably limited the data businesses can collect, allowing individuals to browse the web and use services with much more privacy.
Artificial Intelligence
Cloud Security Trade-Offs Rise: 91% of Leaders Face AI Threats

Gigamon has released its 2025 Hybrid Cloud Security Survey, revealing that hybrid cloud infrastructure is under mounting strain from the growing influence of artificial intelligence (AI). The annual study, now in its third year, surveyed over 1,000 global Security and IT leaders across the globe. As cyberthreats increase in both scale and sophistication, breach rates have surged to 55 percent during the past year, representing a 17 percent year-on-year (YoY) rise, with AI-generated attacks emerging as a key driver of this growth.
Security and IT teams are being pushed to a breaking point, with the economic cost of cybercrime now estimated at $3 trillion worldwide according to the World Economic Forum. As AI-enabled adversaries grow more agile, organizations are challenged with ineffective and inefficient tools, fragmented cloud environments, and limited intelligence.
Key findings highlight how ai is reshaping hybrid cloud security priorities:
- AI’s role in escalating network complexity and accelerating risk is evident. The study reveals that 46 percent of Security and IT leaders say managing AI-generated threats is now their top security priority. One in three organizations report that network data volumes have more than doubled in the past two years due to AI workloads, while nearly half of all respondents (47 percent) are seeing a rise in attacks targeting their organization’s large language model (LLM) deployments. More than half (58 percent) say they’ve seen a surge in AI-powered ransomware—up from 41 percent in 2024 underscoring how adversaries are exploiting AI to outpace and outflank existing defenses.
- Compromises highlight continued trade-offs in foundational areas of hybrid cloud security. Nine out of ten (91 percent) Security and IT leaders concede to making compromises in securing and managing their hybrid cloud infrastructure. The key challenges that create these compromises include the lack of clean, high-quality data to support secure AI workload deployment (46 percent) and lack of comprehensive insight and visibility across their environments, including lateral movement in East-West traffic (47 percent).
- Public cloud risks prompt industry recalibration. Once considered an acceptable risk in the rush to scale post-COVID operations, the public cloud is now coming under increasingly intense scrutiny. Many organizations are rethinking their cloud strategies in the face of their growing exposure, with 70 percent of Security and IT leaders now viewing the public cloud as a greater risk than any other environment. As a result, 70 percent report their organization is actively considering repatriating data from public to private cloud due to security concerns and 54 percent are reluctant to use AI in public cloud environments, citing fears around intellectual property protection.
- Visibility is top of mind for security leaders. As cyberattacks become more sophisticated, the limitations of existing security tools are coming sharply into focus. Organizations are shifting their priorities toward gaining complete visibility into their environments, a capability now seen as crucial for effective threat detection and response. More than half (55 percent) of respondents lack confidence in their current tools’ ability to detect breaches, citing limited visibility as the core issue. As a result, 64 percent say their number one focus for the next 12 months is achieving real-time threat monitoring delivered through having complete visibility into all data in motion.
With AI driving unprecedented traffic volumes, risk, and complexity, nearly nine in 10 (89 percent) Security and IT leaders cite deep observability as fundamental to securing and managing hybrid cloud infrastructure. Executive leadership is taking notice, as boards increasingly prioritize complete visibility into all data in motion, with 83 percent confirming that deep observability is now being discussed at the board level to better protect hybrid cloud environments.
“Security teams are struggling to keep pace with the speed of AI adoption and the growing complexity and vulnerability of public cloud environments,” said Mark Jow, technical evangelist, EMEA, at Gigamon. “Deep observability addresses this challenge by combining MELT data with network-derived telemetry such as packets, flows, and metadata, delivering increased visibility and amore informed view of risk. It enables teams to eliminate visibility gaps, regain control, and act proactively with increased confidence. With 88 percent of Security and IT leaders agreeing it is critical to securing AI deployments, deep observability is fast becoming a strategic imperative.”
“With nearly half of organizations saying attackers are already targeting their large language models, AI security can’t be an afterthought, it needs to be a top priority,” said Mark Walmsley, CISO at Freshfields. “The key to staying ahead? Visibility. When we can clearly see what’s happening across AI systems and data flows, we can cut through the noise and manage risk more effectively. Deep observability helps us spot vulnerabilities early and put the right protections in place before issues arise.”
Cyber Security
Axis Communications Sheds Light on Video Surveillance Industry Perspectives on AI

Axis Communications has published a new report that explores the state of AI in the global video surveillance industry. Titled The State of AI in Video Surveillance, the report examines the key opportunities, challenges and future trends, as well as the responsible practices that are becoming critical for organisations in their use of AI. The report draws insights from qualitative research as well as quantitative data sources, including in-depth interviews with carefully selected experts from the Axis global partner network.
A leading insight featured in the report is the unanimous view among interviewees that interest in the technology has surged over the past few years, with more and more business customers becoming curious and increasingly knowledgeable about its potential applications.

Mats Thulin, Director AI & Analytics Solutions at Axis Communications
“AI is a technology that has the potential to touch every corner and every function of the modern enterprise. That said, any implementations or integrations that aim to drive value come with serious financial and ethical considerations. These considerations should prompt organisations to scrutinise any initiative or investment. Axis’s new report not only shows how AI is transforming the video surveillance landscape, but also how that transformation should ideally be approached,” said Mats Thulin, Director AI & Analytics Solutions at Axis Communications.
According to the Axis report, the move by businesses from on-premise security server systems to hybrid cloud architectures continues at pace, driven by the need for faster processing, improved bandwidth usage and greater scalability. At the same time, cloud-based technology is being combined with edge AI solutions, which play a crucial role by enabling faster, local analytics with minimal latency, a prerequisite for real-time responsiveness in security-related situations.
By moving AI processing closer to the source using edge devices such as cameras, businesses can reduce bandwidth consumption and better support real-time applications like security monitoring. As a result, the hybrid approach is expected to continue to shape the role of AI in security and unlock new business intelligence and operational efficiencies.
A trend that is emerging among businesses is the integration of diverse data for a more comprehensive analysis, transforming safety and security. Experts predict that by integrating additional sensory data, such as audio and contextual environmental factors caught on camera, can lead to enhanced situational awareness and greater actionable insights, offering a more comprehensive understanding of events.
Combining multiple data streams can ultimately lead to improved detection and prediction of potential threats or incidents. For example, in emergency scenarios, pairing visual data with audio analysis can enable security teams to respond more quickly and precisely. This context-aware approach can potentially elevate safety, security and operational efficiency, and reflects how system operators can leverage and process multiple data inputs to make better-informed decisions.
According to the Axis report, interviewees emphasised that responsible AI and ethical considerations are critical priorities in the development and deployment of new systems, raising concerns about decisions potentially based on biased or unreliable AI. Other risks highlighted include those related to privacy violations and how facial and behavioural recognition could have ethical and legal repercussions.
As a result, a recurring theme among interviewees was the importance of embedding responsible AI practices early in the development process. Interviewees also pointed to regulatory frameworks, such as the EU AI Act, as pivotal in shaping responsible use of technology, particularly in high-risk areas. While regulation was broadly acknowledged as necessary to build trust and accountability, several interviewees also stressed the need for balance to safeguard innovation and address privacy and data security concerns.
“The findings of this report reflect how enterprises are viewing the trend of AI holistically, working to have a firm grasp of both how to use the technology effectively and understand the macro implications of its usage. Conversations surrounding privacy and responsibility will continue but so will the pace of innovation and the adoption of technologies that advance the video surveillance industry and lead to new and exciting possibilities,” Thulin added.
Cyber Security
Rising Cyber Insurance Pressures Push UAE Firms to Fix Identity Silos and AI Vulnerabilities

CyberArk has announced the release of the CyberArk 2025 Identity Security Landscape Report, a global survey revealing how organizations are inadvertently creating a new identity-centric attack surface through growing use of AI and cloud. The report shows that machine identities are mostly unknown and uncontrolled within organizations, while the primary roadblocks to Agentic AI adoption in the UAE involve security concerns around external manipulation and sensitive access, signposting the emergence of a new and potent identity security challenge.
“The race to embed AI into environments has inadvertently created a new set of identity security risks centered around the access of unmanaged and unsecured machine identities – and the privileged access of AI agents will represent an entirely new threat vector,” said Craig Harwood, Area VP for Africa and the Middle East at CyberArk. “For UAE organizations to stay resilient, CISOs and security leaders must modernize their identity security strategies to contend with a new and expanding attack surface characterized by the proliferation of identities with privileged access and made worse by damaging identity silos.”
‘Rise of the machines’ contributes to unsecured privilege sprawl: Machine identities, driven primarily by cloud and AI, now vastly outnumber human identities within organizations and nearly half have sensitive or privileged access. However, many enterprises leave both human and machine access to critical systems under-secured. There are 82 machine identities for every human in organizations worldwide.
In 92% of UAE organizations, the definition of a ‘privileged user’ applies solely to human identities – but 42% of machine identities have privileged or sensitive access. Fifty two percent do not have identity security controls in place to secure cloud infrastructure and workloads. Fifty four percent of UAE organizations experienced at least two successful identity-centric breaches in the past 12 months, ranging from supply chain attacks and compromised privileged access to identity and credential theft.
AI is everywhere and identity-centric agentic AI risk looms: Sanctioned and unsanctioned adoption of AI and large language models (LLMs) is simultaneously transforming organizations while amplifying cybersecurity risks. Concerns around the emergence of AI agents in the UAE and their privileged access underscores the urgency for targeted identity security investment. AI will drive the creation of the greatest number of new identities with privileged and sensitive access in 2025.
Only eighteen percent of UAE organizations have identity security controls for AI in place. Sixty percent cannot secure shadow AI usage in their organization. AI agent adoption roadblocks include manipulation and sensitive access concerns. Complexity and identity silos are overwhelming security leaders and undermining business resilience: Fragmented identity security programs and poor environmental visibility are diminishing resilience in the face of evolving cybersecurity threats. Most organizations face increased privilege-related compliance pressure.
Seventy percent of UAE respondents say identity silos are a root cause of organizational cybersecurity risk. Sixty eight percent of security professionals in the UAE agree that their organizations prioritize business efficiencies over robust cybersecurity. Human and machine identities – many of them with privileged access – are expected to double in 2025. Ninety percent of UAE organizations are under increased pressure from insurers mandating enhanced privilege controls.
CyberArk is also participating at GISEC Global 2025, taking place from 6–8 May at the Dubai World Trade Centre. The company will be present at the HELP AG stand, where it will host a dedicated pod showcasing its latest cybersecurity solutions and discuss the Identity Security Landscape report. Attendees will have the opportunity to engage directly with CyberArk’s leadership, including Craig Harwood, Vice President for Middle East and Africa, and Laurence Elbana, Director of Sales, who will be available throughout the event.
-
Artificial Intelligence1 week ago
Help AG and F5 Collaborate on Managed App and API Security
-
News1 week ago
Reolink Launches Smart Security Solutions in Middle East
-
Cyber Security2 days ago
Beyond Blocklists: How Behavioural Intent Analysis Can Safeguard Middle East Businesses from Rising AI-Driven Bot Threats
-
Artificial Intelligence1 week ago
As Adversarial GenAI Takes Off, Threat Intel Must Modernize
-
Channel Talk1 week ago
Dynatrace Names DXC Global Partner of the Year
-
Events7 days ago
Matrix to Exhibit NDAA Compliant Surveillance at ESX North America 2025
-
Cyber Security2 days ago
Honeywell Report Reveals 46% Quarterly Spike in Industrial Ransomware
-
News6 days ago
BlueCat to Show Off Next-Gen Network Operations at Cisco Live