Microsoft Backs Massive AI Push in UAE, Raising Security Concerns

TechTarget and Informa Tech’s Digital Business Combine.TechTarget and InformaTogether, we power an unparalleled network of 220+ online properties covering 10,000+ granular topics, serving an audience of 50+ million professionals with original, objective content from trusted sources. We help you gain critical insights and make more informed decisions across your business priorities.In partnership with Emirates tech company G42, Microsoft is building the first stage of a 5-gigawatt US-UAE AI campus using Nvidia GPUs.November 7, 2025While American policymakers have debated how to safely develop AI technologies while keeping up with the massive efforts of US rivals, large technology firms are pushing to securely build out AI capabilities in data centers around the globe.In a first big win under the Trump administration, Microsoft gained permission from the US to ship the latest Nvidia AI chips to the United Arab Emirates, highlighting the importance of that country as a gateway to the Middle East. Microsoft shipped the equivalent of 21,500 NVidia A100 graphics processing units (GPUs) — a basic building block of today's performant AI data centers — during Joe Biden's tenure. The Trump administration recently granted the company a license to export an additional 60,400 equivalent units.Security is a key part of the equation, especially because the United Arab Emirates is considered a "complex" partner for the US, says Janet Egan, a senior fellow and deputy director in the technology and national security program at the Center for a New American Security (CNAS)."They have the deep pockets and ambition to focus on building out AI at a massively ambitious scale, yet they are a complex partner because they are an authoritarian regime that is not democratic and still have close partnerships with China as well, including on security issues," she says. "The US is looking to bring [the UAE] closer into the fold of the US orbit and geo-strategic partnerships, but at the same time, has to be very careful about not equipping another nation that might then shift or pivot its interests away from US interests."Related:AI Agents Are Going Rogue: Here's How to Rein Them InMicrosoft is not alone in deepening its relationship with the UAE. In May, five companies — Cisco, Nvidia, OpenAI, Oracle, and SoftBank Group — partnered with Emirates' AI and cloud services company G42 to build Stargate UAE, a 1 gigawatt compute cluster as part of a planned 5 gigawatt US-UAE AI campus. One gigawatt — the amount of power generated by a nuclear reactor — is enough to power an AI compute center hosting 1 million GPUs, according to reported analyst estimates. The Stargate UAE project aims to have its first phase — a 200 megawatt facility — up and running next year.Microsoft will have invested more than $7.3 billion in the UAE between 2023 and the end of 2025, said Brad Smith, president of Microsoft, in a Nov. 3 blog post reviewing its UAE investments. He also highlighted Microsoft's partnership with G42 and its planned investment of $15.2 billion in the UAE by the end of 2029. "While the chips are powerful and the numbers are large, more important is their positive impact across the UAE," Smith said. "We're using these GPUs to provide access to advanced AI models from OpenAI, Anthropic, open-source providers, and Microsoft itself."Related:Government Approach to Disrupt Cyber Scams is 'Fragmented'Microsoft declined to be interviewed for this article.The Microsoft-UAE activities have faced criticism, but mainly from Republican lawmakers during the Biden administration. In May 2024, for example, two Republican lawmakers raised concerns about the initial phase of the deal, requesting that the White House provide details of the security measures and restrictions that would limit technology transfer to China.Deployment of sensitive technology and workloads to data and compute centers in other nations should raise significant security questions, says Sella Nevo, founding director and principal research at the Center on AI, Security, and Technology (CAST) at the global nonprofit policy think tank RAND Corp."It is a lot easier to perform malicious operations in, let's say, the Middle East than it is in the US," he says. "You might worry that an adversary could sabotage a critical system or install backdoors ... and there are many drivers of why that's easier."Related:Dark Reading Confidential: Cyber's Role in the Rapid Rise of Digital AuthoritarianismMany times in other nations, adversaries have greater freedom of operation, and the fear of retaliation is much lower than on US soil. In addition, adversaries in the Middle East have accumulated a great deal of cyberattack experience in recent years, Nevo says.The main concern, however, is whether China will be able to use deals between UAE and Microsoft — as well as the Stargate UAE coalition — to gain access to sensitive chip technology or AI compute workloads. China's technical capabilities will likely result in the production of about 200,000 advanced chips per year, which gives the US and its partners breathing room to establish their technologies, says Egan."China still creates fairly advanced chips, but it just cannot create them at the scale needed for its own AI transition, let alone to effectively export cutting edge AI to the world," she says. "I think that's where the US has bought itself an advantage in terms of it has an opportunity now to move ahead with its ability to produce at scale and then serve a lot of different areas of the world quickly before China is able to catch up and offer the same scale."The UAE is an important ally in the region and the world's most aggressive adopter of AI technology; Microsoft's own "AI Diffusion Report" places the nation at the top of the list of widespread use of AI.Yet, security issues remain a worry. While the complete picture of US requirements for the UAE data centers have not been released, Microsoft's statement on its UAE investments contains some hints at the security measures in place. When Microsoft invested in the UAE's sovereign IT company, G42, the pair had to agree to a binding framework — the Intergovernmental Assurance Agreement (IGAA) — to meet best-practice requirements in cybersecurity, physical security, export controls, and Know Your Customer (KYC) practices.Under the Biden administration, the company did "substantial work ... to meet the strong cybersecurity, national security, and other technology conditions required by [the chip-export] licenses," Microsoft's Smith stated. The latest chip-export permissions under the current administration required even more stringent technology safeguards.Robert Lemos, Contributing WriterVeteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.2025 DigiCert DDoS Biannual ReportDigiCert RADAR - Risk Analysis, Detection & Attack ReconnaissanceThe Total Economic Impact of DigiCert ONEIDC MarketScape: Worldwide Exposure Management 2025 Vendor AssessmentThe Forrester Wave™: Unified Vulnerability Management Solutions, Q3 2025How AI & Autonomous Patching Eliminate Exposure RisksThe Cloud is No Longer Enough: Securing the Modern Digital PerimeterSecuring the Hybrid Workforce: Challenges and SolutionsCybersecurity Outlook 2026Threat Hunting Tools & Techniques for Staying Ahead of Cyber AdversariesYou May Also LikeNov 13, 2025How AI & Autonomous Patching Eliminate Exposure RisksThe Cloud is No Longer Enough: Securing the Modern Digital PerimeterSecuring the Hybrid Workforce: Challenges and SolutionsCybersecurity Outlook 2026Threat Hunting Tools & Techniques for Staying Ahead of Cyber AdversariesPKI Modernization WhitepaperEDR v XDR v MDR- The Cybersecurity ABCs ExplainedHow to Chart a Path to Exposure Management MaturitySecurity Leaders' Guide to Exposure Management StrategyThe NHI Buyers GuideCopyright © 2025 TechTarget, Inc. d/b/a Informa TechTarget. This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world’s technology buyers and sellers. All copyright resides with them. Informa PLC’s registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.’s registered office is 275 Grove St. Newton, MA 02466.