Astra Insight/Insights
Publications  ·  Spring 2026

From the
desk.

Research, field notes, and regulatory briefings from our analysts, partners, and front-line incident response teams. Published when there is something material to say, not on a marketing calendar.

Filter by topic All Threat Research Regulatory Sector Note Briefing
Featured · Threat Research

Identity is the new perimeter. What regional CISOs are doing about it.

Across the GCC, Southeast Asia, and Australia, identity has quietly overtaken the network as the primary attack surface. We examine how attacker tradecraft has shifted from endpoint exploitation to session theft and consent abuse, and what regulated institutions in our four markets are doing to harden the layer they used to underestimate.

Read brief (14 min) Salman Khan  ·  April 2026
0211 min readMarch 2026

Hyperscaler tenancy in the GCC: what enterprise customers are now required to demonstrate.

As regional hyperscaler capacity expands across the UAE and Saudi Arabia, the assurance bar for enterprise tenants has risen sharply. A practical view from our datacenter security practice on the controls procurement and audit teams are now writing into contracts.

Abbas Ali Shaikh · Managing Partner
Sector Note
039 min readFebruary 2026

Reading Saudi NCA's ECC-2: what changed for boards in the Kingdom.

The National Cybersecurity Authority's revised Essential Cybersecurity Controls shift the assurance burden materially toward continuous compliance and board-level reporting. We summarize the changes that matter and where audit committees in the Kingdom should focus first.

Salman Khan · Principal, Cyber Security
Regulatory
0412 min readJanuary 2026

AI governance under the UAE AI Charter: an operating playbook.

The UAE AI Charter and the surrounding regulatory landscape are converging on a small set of governance expectations. A practical playbook from recent engagements on what "good" looks like for model risk, data lineage, and attestation under live regulatory scrutiny.

Abbas Ali Shaikh · Managing Partner
Briefing
Subscription

Quarterly briefings,
by invitation.

Our quarterly briefing circulates to a small list of clients and peers. Topics are chosen by our research desk; the list is not for sale and is not used for marketing.

Request subscription