What key messages or solutions are you highlighting at GISEC this year?
At this year’s GISEC we’ll be showcasing our SASE and Zero Trust solutions and how they can help each organisation pave a path to a safer network. Of course, we’ll also be showcasing our leading AI-Powered Security Operations and how we are uniting intelligence with visibility, automation, and protection.

Our commitment to AI innovation is also reflected in our expansion of generative AI, which now enhances seven different products across our portfolio. By integrating FortiAI in such a broad range of solutions, we’re equipping our customers with powerful, adaptive tools that transform how they manage and respond to cyberthreats. As cyber risks continue to grow, we’ll continue to empower our customers with solutions that streamline security processes, improve decision-making, and bolster resilience against evolving threats.

How does GISEC help your company engage with the Middle Eastern cybersecurity market?
Cybersecurity in the Middle East has never been more important. Events like GISEC are not just about collecting business cards; they’re about connecting with individuals and businesses that are open to technologies that shift how we think, work, and drive security outcomes. We look forward to having insightful conversations and opening the doors to future partnerships in the realm of cybersecurity in the region.

How would you describe the current cybersecurity threat landscape in the Middle East?
The pattern is clear: attackers are optimising for speed, scale, and stealth. Defenders must do the same. Traditional security models that rely on static controls, point-in-time assessments, or delayed patch cycles are increasingly inadequate. Tackling the current threat landscape in the Middle East isn’t just a technology conversation—it’s a business continuity conversation. Cyber threats no longer wait for vulnerabilities to be exposed. Their reconnaissance efforts monitor all levels of the network, including compromised credentials and other weaknesses available on darknet forums, so they can strike before your team can respond.

For this reason, we must see a shift towards Continuous Threat Exposure Management (CTEM), which means continuously monitoring attack surfaces, prioritising vulnerabilities based on risk, threat intelligence, and exploit availability—not just CVSS scores, and automating detection and response to reduce dwell time and accelerate containment.

What are the most pressing cyber threats facing businesses in the Middle East region today?
In 2025, cybersecurity challenges will evolve to become even more complex. Threat actors are becoming more specialised, especially in the early stages of attacks, focusing on reconnaissance and weaponisation. Cybercrime-as-a-Service (CaaS) for example is expanding, making advanced tools like phishing kits and automated hacking solutions widely available, even to less skilled attackers. The increasing reliance on multi-cloud environments also introduces more vulnerabilities, creating a larger attack surface for cybercriminals. What’s particularly concerning is the convergence of physical and digital threats, where cyberattacks are paired with real-life intimidation tactics targeting executives and employees.

The use of AI and quantum computing will also continue to transform the threat landscape. Cybercriminals are already using AI to automate reconnaissance and streamline phishing attacks, and this trend will only grow. On the flip side, AI offers promise for real-time threat detection and response. Quantum computing, while still in its early stages, could disrupt traditional encryption methods, making it crucial for businesses to adopt post-quantum cryptography to protect sensitive data. These technologies highlight the need for businesses to stay ahead of the curve and rethink their cybersecurity strategies.

How do your company’s products and services address the specific threats faced by regional businesses?
As today’s network complexity grows, so does the need for intelligent tools that can simplify management tasks and enhance efficiency. This year’s GISEC theme is ‘Securing an AI powered future’, and at Fortinet, we have pioneered AI innovation within cybersecurity for more than a decade, with AI serving as the backbone to the Fortinet Security Fabric and FortiGuard Labs threat intelligence and security services – it’s in our DNA. For organisations in the Middle East seeking to advance in the realm of AI, we’re here to support them in having a clear and comprehensive strategy aligned to their existing business initiatives, providing a partner that is an expert not only in cyber, but that has a solid understanding of AI’s real-world application. Our focus will also remain on helping companies navigate the existing challenges across secure networking, unified SASE, and security operations.

Are you partnering with any local entities or governments to enhance regional cybersecurity resilience?
At Fortinet, we believe our corporate responsibility is to make the world a safer place, creating a digital world you can always trust. Working across sectors and prioritising threat intelligence sharing benefits the cybersecurity community, making us more resilient and effective collectively. That’s why we are committed to partnership and cooperation with global law enforcement agencies, government organisations, and industry organisations. As the global cybercrime landscape evolves, these collaborations will only become more critical to halting threat actors. When we work together, we can move faster and more effectively toward our collective goal of disrupting cybercrime.

Fortinet is also proud to be part of numerous collaborative efforts to address cybercrime, such as being a founding member of the World Economic Forum Centre for Cybersecurity, a contributor to its Partnership Against Cybercrime (PAC), and a founding member of the Cybercrime Atlas, which meets weekly to profile threat actors, review open-source intelligence regarding cybercriminal activities, correlate data, and identify potential disruption points.

What advice would you give to regional businesses looking to strengthen their cybersecurity posture in 2025?
To have a successful cybersecurity programme and to benefit from it, you need to have the right knowledge, skills, and expertise. Without this foundation, even a substantial investment is unlikely to translate into effective implementation. Research estimates a global shortage of around 4.8 million cybersecurity professionals. For regional businesses, investing in internal or external training for the staff that will oversee any new cybersecurity projects is essential.

In the current economic climate, many companies are prioritising cost reduction, leading to more conservative technology investment decisions. For Middle Eastern businesses looking to advance in the realm of cyber, it’s crucial that they have a clear and comprehensive strategy aligned to their existing business initiatives. Adoption must support the business outcomes for that specific organisation and have buy-in from senior executives. It will also be important to choose a partner that is an expert and has a solid understanding of its application.

• Stop AI-powered threats
• Automate security and network operations
• Secure AI tools used by businesses

“Fortinet’s AI advantage stems from the breadth and depth of our AI ecosystem—shaped by over a decade of AI innovation and reinforced by more patents than any other cybersecurity vendor,” said Michael Xie, Founder, President, and Chief Technology Officer at Fortinet. “By embedding FortiAI across the Fortinet Security Fabric platform, including new agentic AI capabilities, we’re empowering our customers to reduce the workload on their security and network analysts while improving the efficiency, speed, and accuracy of their security and networking operations. In parallel, we’ve added coverage across the Fabric ecosystem to enable customers to monitor and control the use of GenAI-enabled services within their organization.”

Key upgrades:
FortiAI-Assist – AI That Works for You

1. Automatic Network Fixes: AI configures, validates, and troubleshoots network issues without human help.
2. Smarter Security Alerts: Cuts through noise, prioritizing only critical threats.
3. AI-Powered Threat Hunting: Scans for hidden risks and traces attack origins.

FortiAI-Protect – Defending Against AI Threats

1. Tracks 6,500+ AI apps, blocking risky or unauthorized usage.
2. Stops new malware with machine learning.
3. Adapts to new attack methods in real time.

FortiAI-SecureAI – Safe AI Adoption

1. Protects AI models, data, and cloud workloads.
2. Prevents leaks from tools like ChatGPT.
3. Enforces zero-trust access for AI systems.

FortiAI processes queries locally, ensuring sensitive data never leaves your network.

How is generative AI being utilized to enhance cybersecurity measures today?
As today’s network complexity grows, so does the need for intelligent tools that can simplify management tasks and enhance efficiency. Generative AI (GenAI) has become a cornerstone for making it happen. It can truly transform how Day 0 to Day 2 network operations are performed.

According to Gartner research, by 2026, GenAI technology is expected to influence 20% of initial network configuration, a dramatic rise from virtually none in 2023. Currently, 65% of network activities, including configuration and troubleshooting, are still performed manually, highlighting a significant opportunity for automation and efficiency improvements through GenAI.

What potential risks does generative AI introduce in the cybersecurity landscape, such as AI-driven cyberattacks?
AI has become a double-edged sword for cybersecurity. On the one hand, it has lowered the barrier to entry into cybercrime, enabling would-be criminals to generate malware even when they lack programming skills and providing more sophisticated criminals with capabilities few could have imagined a short time ago. On the other hand, cyber defenders can take advantage of AI for intelligent automation and defense strategies.

Last year, global leaders raised this issue to the World Economic Forum’s Centre for Cybersecurity, with the aim of helping organizations everywhere to better comprehend the cybersecurity implications of using AI technologies and how to adopt these offerings securely. As a result of these discussions, the World Economic Forum launched its AI and Cyber Initiative to develop guidance for organizations to manage the complex cyber risks associated with AI use.

Understanding and implementing risk management measures positively impacts more than just an enterprise’s cyber resilience. Cybersecurity is a strategic enabler for realizing the full potential of AI. By embedding security into AI systems from the ground up, organizations transform risk mitigation into a competitive advantage, ensuring trustworthiness and ethical compliance.

How can organizations leverage generative AI for proactive threat detection and response?
GenAI can analyze massive data streams, recognize patterns, and deliver actionable intelligence in real-time. It also offers advanced scripting assistance, proactive troubleshooting and IoT vulnerability diagnostics, and automated implementation of AI-recommended remediations, leading to a more secure, efficient, resilient network and, eventually, an autonomous network. FortiAI for FortiManager is revolutionizing network management by integrating GenAI to do just this. FortiAI provides rapid insights into vulnerabilities, quarantining risky IoT devices and helping organizations stay ahead of potential threats.

What ethical concerns arise when using generative AI in cybersecurity, and how can they be addressed?
AI presents a multitude of perspectives and ethical considerations, particularly concerning its development, deployment, and economic ramifications.

To ensure explainability and accountability in AI-driven security decision-making, security teams can focus opting for transparent AI models whose decision-making processes can be understood and audited by human experts. Organisations should also implement robust validation and testing, rigorously testing AI models with diverse datasets to identify and mitigate biases or inaccuracies and following any local and global regulations around AI.

How do you see generative AI evolving in the cybersecurity domain over the next few years?
As we continue to imagine AI in every aspect of cybersecurity, we’re witnessing a revolution that’s reshaping the industry, making it more proactive, responsive, and adaptive than ever before.

GenAI offers transformative potential, as demonstrated by Klarna’s AI Assistant, which now handles the workload equivalent to 700 customer service agents. For Klarna, this translates into an estimated $40 million in annual savings, showcasing AI’s ability to enhance productivity and reduce operational costs.

It is widely acknowledged that AI will have a profound impact on everyday life, though the precise nature and trajectory of this impact remain difficult to predict. Nonetheless, it is imperative that we adopt a forward-thinking approach to understanding and harnessing AI’s potential, ensuring that its development is aligned with societal benefit and economic sustainability. By prioritizing cybersecurity, organizations can protect their investments in AI, supporting innovation while strengthening defenses.

What role does human oversight (HITL) play in ensuring generative AI systems are effectively managing cybersecurity threats?
Automation is particularly important in cybersecurity given the ongoing shortage of expert security staff. However, human oversight will still be important. Security teams will need to be equipped with the knowledge and skills to understand, interpret, and manage AI-driven security systems effectively. The Fortinet Training Institute recently added two new AI-focused modules to its Security Awareness and Training service to enhance learners’ understanding of AI and the role this technology plays in cybersecurity.

AI excels at tactical responses based on predefined rules. However, defining security policies, understanding risk tolerance, and making strategic decisions still require human expertise and intuition. Analysing new and evolving threats, understanding their potential impact, and developing innovative countermeasures will also still require human intelligence and creativity.

“Fortinet has been building an industry-leading OT Security Platform for 20-plus years and remains at the forefront of OT security innovation,” said Nirav Shah, Senior Vice President, Products and Solutions at Fortinet. “As cyberthreats against critical infrastructure and across industries such as energy, transportation, and manufacturing continue to grow, Fortinet remains committed to delivering comprehensive security solutions tailored for operational technology environments. These latest enhancements give organizations the tools they need to improve their OT security posture and adhere to regulatory requirements—all managed through a single, unified platform.”

The latest Fortinet OT Security Platform enhances OT security with:

1. Advanced Threat Protection: New FortiGate Rugged NGFWs combined with the enhanced FortiGuard OT Security Service offer superior security enforcement, detecting threats using over 3,300 OT protocol rules, nearly 750 OT IPS rules, and 1,500 virtual patching rules. This protects against known exploited vulnerabilities and provides virtual patching for older OT systems. Secure remote access is also improved with updates to FortiSRA, including enhanced secrets and password management.
2. Secure Segmentation: The new FortiSwitch Rugged 108F and FortiSwitch Rugged 112F-POE industrial-grade switches enable precise security control at the port level, preventing unauthorized lateral movement within OT networks. Built on Fortinet’s unified FortiOS, these switches simplify network and security management.
3. Resilient Connectivity: Two new ruggedized 5G solutions are introduced: the IP67-rated FortiExtender Rugged 511G for secure, high-speed connectivity to remote OT sites, and the IP64-rated FortiExtender Vehicle 511G for fleet vehicles. Both feature embedded Wi-Fi 6 and new eSIM capabilities for easier carrier selection.
4. Enhanced OT SecOps: Fortinet’s AI-driven security operations capabilities are strengthened with updates to FortiAnalyzer 7.6 and FortiDeceptor 6.1, offering deeper threat insights and simplified compliance reporting for OT security teams. FortiNDR Cloud now includes OT protocol support for threat hunting, while FortiNDR (on-premises) adds features like a Purdue Model view and a device inventory covering OT and the Mitre ATT&CK ICS Matrix.

The Fortinet OT Security Platform delivers a unified view and comprehensive security tools to simplify the management of OT and remote site security. It empowers organizations to easily assess, secure, and report on risks, including meeting complex regulatory compliance. Fortinet uniquely offers seamless segmentation and a complete ruggedized portfolio of OT security solutions all managed by a single operating system, FortiOS. Its deep integration within the Fortinet Security Fabric makes it a leading platform in the industry, providing an effective, efficient, and holistic approach to OT security and compliance that surpasses standard offerings.

Children increasingly use the internet at a young age, making it critical to help them build positive online behaviours and habits and understand the potential risks of being online. Establishing responsible digital practices early on helps students navigate the digital world ethically and effectively, comprehend how to respect others online, and spot and avoid challenges like cyberbullying and misinformation.

To support teachers and administrators worldwide in helping students build positive digital habits, Fortinet offers its Security Awareness Curriculum, which teaches fundamental cybersecurity skills to students ages 4 to 18. The program is free for primary and secondary schools (K-12) across North America and the United Kingdom, with additional country availability forthcoming.

The curriculum is divided into the following levels: Rookies (age 4–7), Novices (age 8–11), Specialists (age 12–14), Leaders (age 15–18), and Experts (elective courses for age 15–18). The program consists of seven “Cyber Strands,” or topic areas. Each strand includes two to four lessons depending on the age group. The strands include:

1. Online Presence: Maintain a positive and safe online presence by thinking critically about identity and making mindful choices about sharing content online.
2. Digital Safety: Engage in safe and respectful online interactions by recognizing online risks and knowing how to respond to difficult situations.
3. Secure Privacy: Protect privacy by safeguarding personal and private information and data.
4. Ethical Integrity: Make informed decisions about actions and choices when using technology by understanding the rights, responsibilities, and consequences of online behaviours.
5. Digital Impact: Use emerging technologies to improve people’s lives by weighing technology’s positive and negative impact on the world.
6. Cybersecurity Landscape: Mitigate risks of cyberattacks by recognizing cyber threats and bad actors’ tactics.
   Online Information: Explore online content safely and confidently by analyzing data and recognizing reliable and relevant sources.

Lessons designed for Novices are now available to teachers and administrators at no cost through the Fortinet Security Awareness Curriculum. The Novices level introduces core cybersecurity concepts in a way that’s suitable for younger students, laying the groundwork for more complex topics in future grades. Beyond the strands noted above, the material for this group delves into age-appropriate topics and scenarios that students experience in the real world, such as respecting content creators and digital works, as well as understanding and identifying cyberbullying.

Specific lessons include Introducing Cybersecurity, History of Computing Innovations, Building Password Essentials, Online Identity, Recognizing Cyberbullying, Making Sense of Social Media, and Respecting Work Online. This program was developed for teachers and by teachers to help students build critical digital skills that will help them in the classroom and beyond. Each Novices lesson includes structured talking points to guide teachers in presenting key concepts clearly and effectively, making it easier for students to understand and connect with the material. The lessons are designed to foster collaboration, with material that encourages students to engage in discussions, draw to visualize concepts and write to reflect on or explain what they’ve learned.

As students everywhere learn to navigate the digital world successfully, they must learn key behaviours and skills to engage effectively online while staying safe. The lessons in the Fortinet Security Awareness Curriculum provide a solid, age-appropriate introduction to digital safety and cybersecurity while encouraging creativity, critical thinking, and collaboration among students.

Increasingly, new laws and regulations are designed to help guide companies in structuring their cybersecurity strategies. For example, the U.S. Securities and Exchange Commission (SEC) has become very strict on what organizations have to report. The European Union General Data Protection Regulation (GDPR) and other regulations like the NIS 2 Directive—an EU legislative act that aims to compel a higher and common level of cybersecurity across all the organizations within the union—are driving structural changes in cybersecurity. Ultimately, it all boils down to adhering to the rules to protect organizations and, by extension, citizens from cybercriminals.

From an executive vantage point, the central questions to be addressed are: “Is my company safe? Is my IT organization doing a good job of protecting us? And, as a leader, am I making sure we’re doing what is required by the SEC, or the EU government, or whoever else is creating the regulations?” In this post, we discuss how top-level managers of organizations can best navigate the intersection between their business needs and cybersecurity requirements.

Indicators of Compromise
Executives rely on their cybersecurity teams to give them an accurate and unvarnished view of the organization’s security posture. When leadership asks, “Are we safe?” the team needs to respond in a way that can be easily understood and is honest. Cybersecurity managers should frequently check the pulse of their networks. When they come upon a concern, they need to provide executives and board members with timely reports about attacks, threats, and indicators of compromise (IOCs).

Typically, an IOC is something new or abnormal that is occurring. This is often a sign that your organization has been compromised. An example of an IOC might be that some devices in the network are connecting to somewhere never witnessed before. Or, it might be an unusual rate of connection or an unusual amount of data being transferred to or from certain locations that are geo-based. Anytime you experience something you would not expect, proceed carefully and be suspicious.

Are You Ready?
Organizations need cybersecurity technology, but they also need to consider their readiness, which requires a strategy. Organizations can acquire pretty much any product or service that they want to protect against this or that particular threat, but the job doesn’t stop there. Each of these new tools will generate information logs and reports. When the tools generate data, a dedicated individual or group must be ready to process all the new information.

If your organization is not processing this new security data, some intrusion that could have been prevented invariably happens. Often, the IT team discovers the initial attack occurred months before, despite all the relevant devices doing their job of generating data logs. However, with no one analyzing all the information, a preventable hack can easily occur. If your organization wants to maintain its security posture, you must be able to do the triage.

When the triage has pinpointed an attack, your organization needs to have a plan in place. And that means, you have to proactively know what tools you have, who the players are, and who needs to be doing what. This is not the time to say, “Let’s call a meeting and figure it out!” Most hackers are using tools that are automated and execute at computer speed. If your organization tries to respond at human, Zoom-meeting speed, you’re in big trouble. So, you must have your processes documented and prepared in advance. Also, you should proactively employ some software technology, like an SIEM or SOAR solution, that enables you to respond to threats immediately.

The Platform Approach
At Fortinet, we believe good collaboration requires moving from a best-of-class approach to a platform approach. With a platform, you can use multiple technologies that can exchange information between themselves and in an open way with other systems. The platform approach is more efficient. It allows multiple technologies to “talk to each other” and extract information that can be used proactively, effectively, and automatically.

For example, when you analyze every confirmed threat and build a model for responding to it, you may end up building hundreds of models. These models are often referred to as playbooks. Eventually, you realize that the playbooks can be condensed and automated. That process is a lot easier to do with a platform of products that have already been designed to work together.

Conclusion
Board members and C-suite executives should have more than a basic understanding of cyber threats and cybersecurity. If one of their primary goals is to keep the business well-protected, they need to be aware that a platform approach to cybersecurity is the best way to keep their organizations secure. Having a cybersecurity platform allows for the automation of defensive tasks and the ability to respond to attacks in milliseconds. Automation is the key because it allows for essentially synthesizing and automating tasks in a timely way. Responding to cyber threats with a Zoom meeting or a manual process is never going to be adequate.

Nearly 90% of organizations experienced at least one breach in the past 12 months. A myriad of ongoing challenges impact an organization’s susceptibility to cyberattacks, ranging from the constant and rapid adoption of new technologies to the ongoing cybersecurity talent shortage.
While there is no one-size-fits-all approach to enhancing organizational security measures and guarding against breaches, one thing is clear: A single entity cannot disrupt cybercrime alone, yet we must fight against our adversaries and hold them accountable for their actions. Establishing choke points on the chess board requires ongoing collaboration between the public and private sectors.

Fortinet is proud to be part of numerous collaborative efforts to address cybercrime. The company is a founding member of the World Economic Forum Centre for Cybersecurity, a contributor to its Partnership Against Cybercrime (PAC), and a founding member of the Cybercrime Atlas. The PAC launched in 2020 as a first step toward establishing a global architecture for promoting public-private cooperation to combat cybercrime. It offers a platform for sharing insights and exploring new approaches to drive successful collaboration against digital adversaries, bringing together businesses, national and international law enforcement agencies, and nonprofit organizations.

In 2023, the PAC created the Cybercrime Atlas, a first-of-its-kind initiative, leveraging the efforts of dozens of organizations to drive real impact by mapping threat actor activities and creating a chain of disruption in the cybercriminal ecosystem. Fortinet is a long-standing and active PAC community contributor and a founding member of the Cybercrime Atlas initiative.

The Cybercrime Atlas became operational earlier this year, two years after the initiative was introduced. Last month, the International Criminal Police Organization (INTERPOL) announced that it identified and arrested more than 1,000 suspects connected to major cybercrime operations with support from the Cybercrime Atlas initiative. This effort dismantled 134,089 malicious infrastructures and networks across 19 African countries, which had impacted more than 35,000 victims to date and resulted in $193 million in financial losses worldwide.

The Cybercrime Atlas initiative’s investigations group, composed of more than 20 members, meets weekly to profile threat actors, review open-source intelligence regarding cyber criminal activities, correlate data, and identify potential disruption points. This information is then organized into intelligence packages to aid cybercrime takedown efforts.

In its first year of operation, Cybercrime Atlas contributors shared over 10,000 community-vetted and actionable data points and supported two cross-border cybercrime disruption efforts. The group created seven comprehensive intelligence packages on emerging threats that they shared with law enforcement to operationalize this actionable data. These intelligence packages from the Cybercrime Atlas initiative contributed directly to the success of this INTERPOL-led effort, which ultimately disrupted attacker operations and held adversaries accountable for their actions.

This recent takedown exemplifies how public-private collaborations like the Cybercrime Atlas initiative drive real impact in disrupting global cybercrime. Working across sectors and prioritizing threat intelligence sharing benefits the cybersecurity community, making us more resilient and effective collectively. At Fortinet, we believe our corporate responsibility is to make the world safer and more sustainable, creating a digital world you can always trust. To deliver on this vision, we’re committed to addressing cybersecurity risks for our customers and society.

No single individual or organization has complete insight into all the threats. Effectively disrupting cybercrime requires public and private organizations to work together, taking a coordinated and unified approach. In addition to Fortinet’s involvement with the World Economic Forum PAC and Cybercrime Atlas initiative, we are committed to partnership and cooperation with global law enforcement agencies, government organizations, and industry organizations. Fortinet has been a trusted partner to INTERPOL and an active Global Cybercrime Expert Group member for nearly 10 years.

The company also joined INTERPOL’s Gateway initiative in 2018, which offers a framework for sharing threat intelligence across organizations. This ongoing collaboration has resulted in the adoption of more substantial threat intelligence standards and protocols across the industry and impactful global cybercriminal takedowns. For example, in 2022, the FortiGuard Labs team provided evidentiary support to INTERPOL and African Member countries as part of the Africa Cyber Surge Operation to help detect, investigate, and disrupt cybercrime through coordinated law enforcement activities, using INTERPOL platforms, tools, and channels in close cooperation with AFRIPOL.

In addition to working with INTERPOL, Fortinet is actively involved with numerous public-private collaborations. The company is a long-standing member of the NATO Industry Cyber Partnership, a partner of NIST’s National Cybersecurity Excellence Partnership program, a founding member of the Cyber Threat Alliance, an official research partner with MITRE Engenuity’s Center for Threat-Informed Defense, and more. As the global cybercrime landscape evolves, these collaborations will only become more critical to halting threat actors. The recent efforts of INTERPOL and the Cybercrime Atlas initiative are a strong example of how, when we work together, we can move faster and more effectively toward our collective goal of disrupting cybercrime.

How did the industry and your company fare in 2024, and what were the key highlights?
2024 was another pivotal year for cybersecurity as the threat landscape became even more sophisticated, with AI being used more extensively in attacks. Cybercriminals also increasingly leveraged Cybercrime-as-a-Service (CaaS), enhancing their capabilities with automated hacking tools and phishing kits.

Fortinet responded by doubling down on AI-driven threat detection and automated response systems, helping organizations mitigate threats in real time. Collaborations with governments and private organizations further underscored our leadership in addressing the convergence of physical and digital threats.

What opportunities do you foresee for 2025, and how do you plan to leverage them?
We see the opportunity to work even closer as an industry to combat cybercrime. We can do this by strengthening public-private partnerships across the board. As attackers continually evolve their strategies, the cybersecurity community must do the same in response.

Pursuing global collaborations, creating public-private partnerships, and developing frameworks to combat cyber threats are all vital to enhancing our collective resilience. Many related efforts, like the World Economic Forum Cybercrime Atlas initiative, of which Fortinet is a founding member, are already underway, and we anticipate that more collaborative initiatives will emerge to meaningfully disrupt cybercrime in 2025.

What major challenges did you encounter in 2024, and how did you address them?
One of the major challenges of 2024 was the increased specialization of threat actors and the convergence of physical and cyber threats. We addressed these issues by enhancing our AI-driven anti-adversary framework and providing businesses with tools for better reconnaissance and weaponization prevention. Additionally, the reliance on multi-cloud environments posed new vulnerabilities, which we helped address by advancing hybrid cloud security solutions and working with organizations to build enterprise-wide cybersecurity cultures.

Which emerging technologies do you believe will be in high demand in 2025, and why?
While Fortinet has been leveraging AI for over a decade, 2025 presents even more opportunities for companies to harness AI and behavioural analytics for real-time cybersecurity, especially as hybrid and multi-cloud environments continue to expand. Post-quantum cryptography will also rise in importance as organizations prepare for the disruption of traditional encryption methods by quantum computing.

What will be your primary focus areas and strategic priorities for 2025?
Our investments in the fast-growing markets of Unified SASE and Security Operations generated strong results this year, and we continued to gain market share in Secure Networking. With our expertise in converging networking and security, a proven track record of innovation, and seamless product integration within our FortiOS and FortiASIC, we are well-positioned to lead in these three core growth areas and drive sustained growth. Additionally, we’ll continue to expand partnerships with governments and industry leaders to strengthen global security frameworks, address the growing convergence of digital and physical threats, and close the global skills gap.

As the holiday season approaches, shoppers worldwide eagerly anticipate snagging deals during Black Friday, Cyber Monday, and other holiday sales. However, this heightened online activity also draws the attention of cybercriminals.

A recent report from FortiGuard Labs, Understanding Threat Actor Readiness for the Upcoming Holiday Season, reveals the advanced tactics attackers have been developing to exploit this year’s shopping frenzy. This blog highlights the report’s key findings from the darknet and offers some practical advice to help shoppers and businesses stay secure this season.

The Cyberthreat Landscape
The holiday season presents an irresistible opportunity for cybercriminals to capitalize on increased online transactions. Tools and services now available on the darknet empower attackers to target e-commerce platforms and unsuspecting shoppers more effectively than ever. This year, threat actors are leveraging cutting-edge techniques, including AI-powered phishing lures, sophisticated website cloning tools, and remote code execution (RCE) exploits to gain unauthorized access to shopping platforms. AI-driven methods allow attackers to craft convincing emails and replicas of legitimate websites to steal data or trick users into disclosing sensitive information.

The report also highlights the growing use of deceptive holiday-themed domains that mimic trusted retailers to lure shoppers with enticing but fraudulent offers. Sniffing tools are another critical weapon that enables cybercriminals to intercept sensitive data like credit card details during online transactions. Key highlights from the report include:

• Shopping-themed phishing lures use generative AI. The report includes examples of cybercriminals using AI models like ChatGPT to craft convincing phishing emails, mimicking legitimate communications from retailers and banks. This increases the effectiveness of their scams, especially during peak shopping periods.

• E-commerce threats abound this holiday season. Threat actors are ramping up efforts to exploit online shopping trends. This year’s report notes that thousands of holiday-themed domains mimicking trusted brands like Amazon and Walmart are being registered to deceive consumers with fake offers and promotions. Popular platforms such as Adobe Commerce, Shopify, and WooCommerce are prime targets due to weak configurations and outdated plugins. Attackers are deploying sniffers to capture customer data and using RCE exploits to gain admin access to shopping platforms.

• A multitude of lucrative darknet services fuels cybercrime. The FortiGuard Labs team has observed a surge in the sale of stolen gift cards, credit card data, and compromised e-commerce site databases. Phishing kits enabling attackers to set up advanced phishing operations, including services, are being sold for between $100 and $1,000, depending on complexity and customizations. Other services, such as sniffing and custom brute-forcing tools, are also readily available, enabling even low-skilled attackers to exploit vulnerabilities.
• Rising risks for businesses. Businesses are equally vulnerable, facing significant risks from phishing scams to the theft of financial information through fake websites. Compromised admin panels, unpatched software, and weak credentials can lead to data breaches, fraudulent transactions, and damaged reputations.

Staying Safe This Holiday Season
To mitigate these risks, shoppers and businesses must adopt proactive measures. Vigilance is essential for shoppers. Double-check URLs before entering sensitive information and use secure payment methods such as credit cards with fraud protection. Avoid shopping over public Wi-Fi networks, which can leave you vulnerable to session hijacking. Enabling multi-factor authentication on your accounts can provide an additional layer of security. It is also crucial to monitor your financial statements regularly for unauthorized transactions.

Businesses must prioritize their cybersecurity posture. Keeping e-commerce platforms and plugins up to date and conducting regular vulnerability scans can significantly reduce risk. Implementing advanced fraud detection tools helps identify unusual activities, such as brute-force login attempts or fake traffic. Educating customers on recognizing phishing attempts and promoting safe shopping habits is equally important. Monitoring domain registrations for potential impersonations and reporting them promptly can help protect your brand. Finally, securing admin panels with strong passwords and restricted access can prevent unauthorized breaches.

A Call to Action
The holiday season should be a time of joy and celebration, not risk and vulnerability. However, for this to happen, businesses must take a proactive stance on cybersecurity while consumers must stay informed and cautious about the threats lurking online.