Reflections on World Health Expo Middle East

Following the World Health Expo (WHX) held in Dubai during February, Anthony Dibble, Principal Solutions Engineer based in Dubai, reflects on the consistent patterns observed from discussions across the Middle East region.

The Imprivata footprint is global

Imprivata now has over 30 customers across the UAE, Qatar, Saudi Arabia, Bahrain and Kuwait, primarily in the banking and healthcare sectors. This footprint provides a useful reference point for how thinking is evolving locally. Conversations at trade shows also provide valuable additional insights from organisations that are not yet customers.

We recently exhibited at the World Health Expo, which was located at the Dubai Exhibition Centre and took place over four days - it was busy with some 300+ speakers covering a range of areas including general surgery, obstetrics and gynaecology, urology, total radiology, public health and quality management, and patient safety. The whole event had an upbeat and positive vibe.

Acknowledgement of third-party risk and its solutions

While there, I was able to exchange experiences with a range of industry figures from specialist vendors, resellers and, of course, customers. Across those conversations, there were clear consistencies.

There is broad agreement on the problems.

Most people I talk to acknowledge the increasing number of cyber security attacks, and that passwords and privileged accounts remain primary attack vectors. There is also clear acknowledgement that third-party and vendor access needs tighter control, and that regulatory pressure around data sovereignty and residency continues to increase.

There is less consistency in how these challenges are addressed in practice, particularly in environments such as healthcare, where clinical workflow remains the overriding constraint.

Device usage, reducing friction, and mitigating risk

Multiple approaches were described to me. However, security controls that introduce friction for clinicians struggle to be applied reliably. Once friction becomes noticeable, workarounds appear: shared credentials, unlocked workstations, or informal processes that sit outside of policy. This is not a theoretical risk; it reflects how systems are actually used in busy clinical environments. This is also widely recognised by organisations such as the UK National Cyber Security Centre (NCSC).

The same applies to privileged access. While the need for tighter control is widely accepted, many organisations are still reliant on manual processes or VPN-based approaches. These are difficult to scale, introduce operational overhead, and often result in access that is broader or more long-lasting than intended – running counter to zero trust and least privilege principles.

Alongside this, GCC countries are forward-thinking, and the regional market is evolving quickly. Healthcare, financial, and government sector regulation has matured significantly in the past decade. Each country has its own legislation, but in each, typically, compliance around data sovereignty and data residency requires the storage and processing of data on local servers. This has limited the role of cloud. However, with hyperscalers such as Microsoft Azure and AWS moving into the region with sovereign cloud capabilities, including Saudi Arabia later in 2026, cloud services are quickly increasing in relevance. This is particularly notable in light of recent events where some financial institutions are seriously looking at offshore solutions to help build additional resiliency for critical systems.

Taken together, these conversations illustrate a market that understands the risks and is actively looking for practical ways to address them – without disrupting day-to-day operations.

From an Imprivata perspective, this is encouraging.

Balancing security with ease of access

The areas being prioritised by organisations across the region align closely with Imprivata’s focus: continuing to address the core challenge of balancing security with clinical workflows, and extending capabilities to support privileged access and passwordless authentication.

This is also great news for Imprivata customers and our resellers in the region. The platform they rely on today is not only continuing to solve the fundamental workflow and security challenges it was designed for but is also being enhanced to address the evolving threat landscape and operational requirements.

Imprivata’s solutions are perfectly poised to deliver the next generation of enterprise access management and privileged account management solutions that the region requires.

If you found this interesting and would like to discuss in greater detail, please reach out to me at adibble@imprivata.com, or my colleague in the Kingdom of Saudi Arabia, Abdul Chaar at abdul.chaar@imprivata.com.