Ayman Gomaa
The contemporary battlefield has evolved from a purely physical to an increasingly digital domain. Today’s battlegrounds run through data centres, undersea cables, and the firmware of devices most organisations have never audited. As a retired special operations professional with over two decades of operational experience, including signals intelligence and cyber-domain exposure across 50 countries, I’ve seen this shift unfold in real time. And if there’s one thing I’m certain of, it’s that we are no longer preparing for a cyber war – we’re already in one.
Recent conflicts in Ukraine and the Middle East have confirmed what defence professionals saw coming years ago. Cyber operations now precede kinetic strikes. Digital infrastructure is targeted alongside physical. And the organisations that survive aren’t the ones with the best firewalls; they’re the ones built to absorb and adapt.
Here are the five rules that now define effective digital defence.
Rule 1: Assume You Are Already Targeted
Stop thinking about keeping adversaries out. Start assuming they are already in.
Modern attackers don’t announce themselves. They quietly map, probe, and observe, often for weeks or months before any visible action. We saw this clearly in Ukraine long before February 2022. And it continues to be the pattern in virtually every high-stakes operating environment.
This means prioritising zero-trust architecture, continuous monitoring, and detection capabilities that are fast enough to matter. Cybersecurity isn’t simply an IT function; it is a strategic priority that requires executive-level ownership.
Rule 2: Build Redundancy, Not Dependence on a Single System
Single points of failure are major liabilities. If you over-rely on a single cloud provider, region, or vendor, you create the kind of vulnerability that adversaries actively target. When access is disrupted, for example by cyberattack, sanctions, or infrastructure failure, organisations without layered redundancy (e.g. built-in backups and alternative systems) simply stop functioning.
In practice, this looks like multi-cloud deployment, geographic data distribution, and secure offline backups. Governments are beginning to mandate this for financial institutions and critical sectors, and I believe other entities should treat alternative resources as a baseline, rather than an advanced practice.
Rule 3: Every Connected Device Is an Entry Point
The attack surface is no longer defined by servers and networks. It includes every device connected to your environment.
In multiple recent conflict zones, unsecured CCTV cameras were accessed remotely and used for targeting and surveillance. Drones, telecom infrastructure, and civilian devices have all become entry points for attackers. The majority of these breaches stem from entirely preventable failures: default passwords, weak authentication, and unpatched systems.
Addressing these basic gaps alone can dramatically reduce exposure. The rule is simple: if it connects, it must be secured.
Rule 4: Design for Continuity Under Attack
Disruption is now a given. The goal is not to prevent it entirely, but to operate through it.
In Ukraine, coordinated cyberattacks against power grids and telecom systems ran alongside physical strikes. Organisations that kept operating were those designed to absorb disruption and adapt accordingly, using network segmentation, zero-trust access controls, automated response, and clear continuity protocols. This marks a fundamental shift. Digital defence today is about endurance, not perfection.
Rule 5: Build Partnerships Before You Need Them
No organisation defends itself in isolation. Not in conventional warfare, and not in the digital world either. Effective digital defence requires pre-built frameworks across governments, cloud providers, telecom operators, and the private sector. When a crisis hits, those with trusted, rehearsed relationships can respond immediately by rerouting traffic, shifting workloads, and restoring operations. Those who are reactive lose valuable time negotiating access they should have secured years earlier.
Trust isn’t built in a crisis. It is spent.
The truth is, the front lines have shifted into places most organisations don’t routinely look. Into systems, infrastructure, and the quiet but critical connections that keep everything running.
The organisations that come out stronger won’t be the ones trying to eliminate every risk. They’ll be the ones who understand how to operate with it, building resilience into how they think, decide, and respond. Because in this environment, the real risk isn’t just being targeted. It’s not being prepared for what happens next. That’s when you’re forced into reacting to threats you can’t see and can no longer control.
(The author is Global Leadership Strategist, Special Operations Veteran, and Founder of Acacia Innovations Technology)

