SentinelOne Chief AI Officer Gregor Stewart explains why autonomous security, continuous cyber education and embedded AI guardrails will be critical to securing the next phase of the UAE’s digital future.
Artificial intelligence is rapidly reshaping the cybersecurity landscape, creating new opportunities for innovation while introducing complex challenges around governance, visibility, data protection, and accountability.
Organisations across government and enterprise sectors are exploring how to harness agentic and autonomous AI systems without compromising security, privacy, or compliance.
Gregor Stewart, Chief AI Officer at SentinelOne, believes the UAE’s coordinated, top-down approach to AI adoption is creating a strong foundation for cyber resilience. With nearly two decades of experience spanning machine learning, generative AI, agentic systems and cybersecurity, Stewart offers a unique perspective on how organisations can navigate emerging risks such as Shadow AI, prompt injection attacks, data exfiltration and AI-driven software supply chain threats.
Stewart spoke to Tahawultech.com on the importance of continuous user education, embedded security guardrails, autonomous cyber defence, and the critical role of accountability as organisations move towards an AI-first future.
Interview Excerpts:
How do you view the UAE’s approach to cybersecurity as it accelerates its digital-first ambitions?
The UAE occupies a unique position, with cybersecurity being shaped by a clear national vision and strong leadership commitment. Ambitious goals around AI adoption and digital transformation are driving security programmes to evolve at the same pace as innovation. Cybersecurity has become an integral component of major government and enterprise initiatives across the country. Close collaboration among policymakers, government entities, businesses and technology providers is helping create a more unified security framework. Such alignment enables faster decision-making, stronger standards, and greater resilience, giving the UAE an advantage in navigating an increasingly complex digital landscape.
Does the move towards agentic AI create new opportunities for the region to strengthen cyber resilience?
When a country commits to deploying agentic AI at scale, security also has to become agentic. Traditional approaches will not be enough because the technology is moving too quickly. The UAE’s ambition forces organisations to modernise their security posture. It creates momentum for new ways of securing systems, data, users and AI-driven workflows. In that sense, the national AI mandate becomes a catalyst for improving cybersecurity across the country and the wider region.
Shadow AI is becoming a growing concern. How can organisations balance employee innovation with governance and risk management?
Shadow AI is often misunderstood. Employees are rarely trying to bypass corporate policies; most are adopting tools they believe can help them work more efficiently, whether AI-powered note-taking applications, meeting assistants or content-generation platforms. Risks arise when sensitive conversations, corporate information or personal data are shared with external servers or model providers without the organisation’s knowledge or oversight.
“Stronger industry standards remain essential for AI application development, particularly around visibility, model provenance and observability.”
Until such frameworks become widely adopted, organisations must deploy solutions capable of identifying AI usage, improving transparency and supporting effective governance.
Governance should not be overly restrictive. Excessively harsh policies often drive users towards unsanctioned workarounds rather than compliance. A more effective strategy involves providing approved enterprise AI tools, educating employees on responsible usage and creating secure pathways for innovation. Such measures enable organisations to balance productivity gains with security, privacy and compliance requirements.
With hybrid work and BYOD models, how should organisations draw the line between personal and professional use of AI tools?
The line has become very blurred. For years, people have mixed personal and work activity on the same devices. With AI, this creates a new challenge because people are entering very detailed prompts that may include personal, professional or confidential information.
“When organisations monitor AI usage, they may also collect private information from employees. That makes observability a privacy issue as well as a security issue.”
The solution is not purely technical. Secure BYOD tools are readily available, but effective security also depends on clear user awareness and guidance. Employees need a strong understanding of what belongs in a work profile, what should remain within a personal profile, and what information the organisation can monitor or control. Security solutions should also provide real-time education and feedback, helping users make informed decisions rather than simply blocking activity.
Which AI security risks should CISOs prioritise over the next 12 months?
Two risks stand out. The first is data exfiltration through AI tools. Employees may accidentally leak sensitive information by entering detailed prompts into external AI systems.
The second is software supply chain risk linked to agentic coding. AI coding tools can pull in libraries, dependencies and components that may be vulnerable or poisoned. Organisations will need stronger controls over what can be imported, curated lists of approved components, and endpoint protection capable of detecting suspicious behaviour.
“Model poisoning is less of a near-term concern for most enterprises because many will use validated models through trusted providers rather than downloading random models from unverified sources.”
How can organisations accelerate AI adoption without increasing cyber risk?
The first line of defence is the person. Security controls must educate users continuously. Traditional quarterly training or periodic phishing simulations are no longer enough. Organisations need continuous learning through real-time guidance, red-teaming and safe simulations.
Cyber guardrails should also be embedded at the lowest possible level, including endpoints, browsers and AI gateways. Security should operate where the user is doing the work, not only in the cloud. This allows organisations to detect, redact or block risky prompts before sensitive data leaves the environment.
Controls should be helpful rather than hostile. For example, if an employee accidentally enters an employee ID into a prompt, the system should be able to redact that information and allow the rest of the request to continue if it is compliant with policy.
How is SentinelOne helping organisations in the UAE and wider META region build secure foundations for autonomous systems?
SentinelOne is focused on two areas. The first is providing the foundation for autonomous security applications. Autonomous systems need fast, dense access to core security telemetry. The Singularity platform is being optimised to be agent-first, allowing agents built by SentinelOne, customers or third parties to access the data they need quickly and effectively.
The second area is delivering autonomous security capabilities directly. SentinelOne already provides autonomous detection, response and rollback on endpoints, and is extending that approach into cloud and investigation workflows. The goal is to allow systems to investigate alerts, trigger responses and reduce manual effort.
However, accountability cannot be automated. As autonomous systems do more work, organisations still need confidence that actions are aligned with their policies and expectations.
“SentinelOne is working on ways to help security teams remain accountable by giving them clear, concise reasons to trust autonomous decisions, rather than forcing them to review thousands of actions manually.”
What is SentinelOne’s regional commitment in META?
SentinelOne has had a presence in the region for over nine years, with teams in the UAE and Saudi Arabia. The company has also brought its autonomous platform into Saudi Arabia on Google Cloud, making it available in-country.
The focus is on helping customers with their autonomous security journey, supporting hybrid models, and working with partners and managed service providers. In this region, local presence matters. Customers want to see long-term investment, local expertise and solutions that can support cloud, on-premises and hybrid environments.
