Built on the Qualys Enterprise TruRisk Management Platform, the ROC framework consolidates risk signals across an organization’s digital footprint into a single pane of glass. It enables Continuous Threat Exposure Management (CTEM), cyber risk quantification, and risk remediation, empowering CISOs to translate cyber risk into business terms, ensure audit readiness, and build long-term resilience.

The mROC Partner Alliance equips partners to drive growth by delivering enhanced Qualys-powered ROC services that transform how enterprises measure, manage, and reduce cyber risk. The expanded roster of partners brings world-class expertise to help organizations overcome common cybersecurity challenges such as fragmented tools, disjointed risk response, and limited visibility—enabling a proactive approach to managing cyber risk at scale.

“When we introduced the concept of the Risk Operations Center, we knew it had the potential to redefine how organizations manage cyber risk,” said Sumedh Thakar, president and CEO of Qualys. “Today, with the launch of our inaugural global mROC partners, we’re delivering on that vision. This is a major milestone in building a thriving ROC ecosystem—one that helps businesses around the world take control of cyber risk with clarity, speed, and measurable impact.”

mROC Partners, through a comprehensive suite of risk service offerings, play a critical role in Qualys’ mission to make cyber risk management easier to adopt, more practical to implement, and more impactful for organizations globally. This innovative group of mROC partners has been thoroughly trained and enabled to operate a ROC powered by Qualys Enterprise TruRisk Management (ETM), delivering comprehensive managed risk services. By aggregating and analyzing risk signals from both Qualys and third-party tools, they offer their clients a holistic, business-aligned view of their risk exposure.

“The Teksalah and Qualys partnership is built on a shared vision — to embed a holistic risk-based, proactive approach at the core of enterprise cybersecurity. Through our powerful platforms, intelligent tools, and proven services—covering real-time risk monitoring to effective remediation—we are enabling organizations to manage risk with precision and drive secure innovation. Together, we are transforming our client’s cybersecurity from a control function into a catalyst for business growth and resilience,” commented Murali Konasani, CEO, Teksalah.

Nicholas Matta brings extensive experience in Environment, Health and Safety (EHS) and Environmental, Social and Governance (ESG) across the Middle East. His background encompasses both project delivery and commercial leadership, providing a comprehensive understanding of how organizations approach risk, compliance, and transformation. Previously holding a leadership position at Enablon, Matta is recognized for his ability to cultivate strong, culturally aligned relationships throughout the region. In his new role at EcoOnline, he will lead partner engagement, customer adoption, and go-to-market strategies in the Middle East, while also overseeing business development in the Benelux region.

Nicholas commented, “I am proud to be part of EcoOnline’s journey in the fast-growing Middle East region. There is a clear opportunity to close market gaps in areas like lone worker protection and chemical safety — challenges that are too often overlooked despite their risk. EcoOnline is uniquely positioned to address these needs with intuitive, people-centered solutions that deliver lasting impact at every level of an organisation.”

The Middle East is currently undergoing rapid industrial and economic transformation, driven by national initiatives such as Saudi Arabia’s Vision 2030, the upcoming World Expo 2035, and ambitious mega-projects like The Line within the $500 billion NEOM development. Since the launch of Vision 2030 in 2016, Saudi Arabia has witnessed a 60% increase in industrial facilities, with the IMF projecting a cumulative economic growth of 6.7% over the next two years. As infrastructure and energy projects accelerate and local workforces expand under nationalization programs like Saudization, the demand for safe, sustainable, and compliant operations is escalating. Key sectors including construction, manufacturing, and energy are facing increasing pressure to meet international standards in both sustainability reporting and frontline risk management.

“The Middle East is at a critical inflection point, with ambitious national agendas driving industrial growth and employment,” said Gareth Palmer, SVP Channel & Alliances. “We see a clear opportunity — and responsibility — to help companies build a safer, more sustainable world of work. By combining local expertise with a global partner ecosystem, we can support organisations navigating this transformation — not just with technology, but with long-term, trust-based collaboration.”

EcoOnline has already established a presence in the Middle East through collaborations with global partners such as DSS+, VPWhite, and WSP. This formal expansion builds upon EcoOnline’s robust foundation in Europe, North America, ANZ (Australia and New Zealand), and South Africa. It reflects the company’s ongoing dedication to providing high-impact industries with user-friendly tools that simplify complexity and enhance safety culture, regulatory compliance, and environmental performance.

Could you give us a brief overview of Group-IB’s presence at GISEC and your solutions?
This is our fourth year we are participating in GISEC, and our involvement has grown significantly—both in terms of visibility and the solutions we offer. Group-IB is one of the few full-platform players in cybersecurity, specialising in active threat intelligence, digital risk protection, fraud prevention, and monitoring. Fraud, in particular, is a rapidly evolving threat—growing in complexity and impact.

Speaking of evolving threats, what key changes are you seeing in the cyber threat landscape, especially in this region?
We’ve observed several concerning trends. First, APT (Advanced Persistent Threat) attacks have become far more sophisticated, driven by global geopolitics. Data exfiltration and theft are rampant. Second, fraud attempts are now borderless, with threat actors sharing intelligence across borders. And third, AI is a double-edged sword—while we use it for threat detection, attackers are leveraging AI for phishing, social engineering, and automating malicious campaigns.

Your Cyber Crime Center has been a major focus. Can you elaborate on its role?
Absolutely. We take a localised, intelligence-driven approach, meaning we develop threat insights at both country and industry levels. This allows us to brief governments, law enforcement, banks, and critical infrastructure providers on targeted risks.

Additionally, our Cyber Crime Center integrates multiple data streams—threat intelligence, fraud analytics, phishing scams, and money laundering patterns—into a unified system. This gives clients a real-time, 360-degree view of their threat landscape, helping them build stronger cybersecurity strategies.

What’s your key message for companies and attendees at GISEC?
There are three main takeaways. Attendees should stay updated on emerging trends, as new vendors and tools are constantly entering the market. They should prioritise tailored intelligence over generic open-source data. And they should maximise ROI on existing security investments before adopting new solutions.

How does Group-IB support its channel partners?
We’re a partner-first organisation, and we’ve launched several initiatives, including a certification program that enables partners to build expertise around our technology. We also conduct partner engagement surveys to gather feedback and improve collaboration, and we emphasise deep interoperability with other security solutions.

Beyond that, we address three key areas: CISO-level security, CFO-focused fraud prevention, and brand protection—each with dedicated solutions tailored to different organisational needs.

To support enterprises and government entities across the Middle East, Turkey and Africa (META) with identifying and validating vulnerabilities and reducing security gaps in real-time, CyberKnight has partnered with Ridge Security, the World’s First Al-powered Offensive Security Validation Platform. Ridge Security’s products incorporate advanced artificial intelligence to deliver security validation through automated penetration testing and breach and attack simulations.

RidgeBot uses advanced AI to autonomously perform multi-vector iterative attacks, conduct continuous penetration testing, and validate vulnerabilities with zero false positives. RidgeBot has been deployed by customers worldwide as a key element of their journey to evolve from traditional vulnerability management to Continuous Threat Exposure Management (CTEM).

“Ridge Security’s core strength lies in delivering holistic, AI-driven security validation that enables organizations to proactively manage risk and improve operational performance,” said Hom Bahmanyar, Chief Enablement Officer at Ridge Security. “We are delighted to partner with CyberKnight to leverage their network of strategic partners, deep-rooted customer relations, and security expertise to accelerate our expansion plans in the region.”

“Our partnership with Ridge Security is a timely and strategic step, as 69% of organizations are now adopting AI-driven security for threat detection and prevention,” added Wael Jaber, Chief Strategy Officer at CyberKnight. “By joining forces, we enhance our ability to deliver automated, intelligent security validation solutions, reaffirming our commitment to empowering customers with resilient, future-ready cybersecurity across the region.”

The briefing, themed “Establishing a Unified Cybersecurity Foundation to Safeguard the Expanding Digital and Intelligent Landscape,” featured presentations by Dr. Zhu Shenggao, Vice President of AI at Huawei Cloud Middle East & Central Asia; Richard Wu, President of Security Product Domain in the Data Communication Product Line, Huawei; and Yongjian Li, President of Data Protection, Huawei. Moderated by Colm Murphy from the Huawei European Cybersecurity Center, the session was attended by media representatives from the GCC, reflecting the region’s increasing emphasis on collaborative cybersecurity strategies.

Strategic Investment in Research and Development
Huawei’s commitment to cybersecurity is underscored by its sustained investment in research and development. Mr. Murphy highlighted the company’s dedication to innovation, noting that in 2024, Huawei allocated USD 24.6 billion to R&D, representing 20.8% of its annual revenue. “The company’s cumulative R&D investment over the past decade amounts to USD 171.1 billion, demonstrating its commitment to continuous advancement in cybersecurity,” Mr. Murphy stated. “Huawei currently employs more than 3,000 cybersecurity R&D personnel, with 5% of its R&D expenditure focused on enhancing the security of its products.”

This investment supports Huawei’s strategic approach to cybersecurity, predicated on the principle that security should be integral to system design and based on rigorous verification against established standards. This commitment is manifested in a comprehensive governance framework and a dedication to providing secure technologies through collaborative partnerships, contributing to industry standards, and upholding privacy and data sovereignty.

Addressing the Evolving Threat Landscape with AI-Native Security
A central focus of the briefing was the increasing prevalence of AI-driven cyberattacks. Mr. Wu emphasized the escalating frequency, sophistication, and covert nature of these threats, noting the utilization of AI technologies by malicious actors to execute advanced attacks and rapidly generate malware variants.

Dr. Zhu addressed this challenge by presenting Huawei Cloud’s AI-Native Security paradigm. “Cybersecurity and privacy protection constitute the cornerstones of development in the digital and intelligent world,” Dr. Zhu stated. “Our unified approach integrates protection across cloud, network, edge, and endpoint environments to provide the comprehensive security foundation necessary for organizations to innovate with confidence.”

Huawei Cloud’s AI Pangu security models integrate comprehensive threat intelligence with specialized capabilities, automating 99% of threat responses and significantly reducing incident detection times. This proactive approach is essential in an environment where conventional security measures are often inadequate in addressing rapidly evolving threats.

Mitigating the Threat of Ransomware: A Multi-Layered Defense Strategy
The briefing also addressed the escalating threat of ransomware, which Mr. Wu reported resulted in USD 42 billion in global losses in 2024. Huawei’s multi-layered protection solution provides active defense with a 99.99% ransomware detection rate, while its HiSec Endpoint product employs AI-driven monitoring to initiate file backup upon detection of suspicious encryption activity.

“In the context of an increasingly complex threat landscape characterized by more frequent, automated, and covert cyber-attacks, cybersecurity must transition from reactive to proactive threat containment,” Mr. Wu stated. “Our unified cybersecurity foundation reflects Huawei’s commitment to assisting organizations in safeguarding their critical digital assets while enabling continued innovation.”

Revolutionizing Data Protection and Recovery Capabilities
Mr. Li introduced Huawei’s innovative approach to data protection and storage security with the unveiling of the OceanProtect E8000. This advanced system features a 3-in-1 converged architecture that integrates backup software servers, short-term retention storage, and long-term retention storage into a unified system.

“Organizations today require comprehensive protection and rapid recovery capabilities,” said Mr. Li. “With OceanProtect E8000, we are providing both within a single integrated system that significantly reduces complexity while enhancing security.” The OceanProtect E8000 delivers a 5x improvement in recovery performance, enabling the restoration of 1TB of data in 20 seconds, and offers a high-density 2PB/2U capacity that reduces rack space requirements by up to 90% compared to conventional solutions.

Fostering Collaboration and Ensuring Compliance
During the Q&A session, the speakers highlighted Huawei’s strategic partnership with Jeraisy Group in Saudi Arabia and discussed Huawei’s Cloud Service Cybersecurity & Compliance Standard (3CS), a framework based on more than 16 global security standards that ensures robust compliance and governance across all deployments.

CyberKnight and Netskope have officially signed a strategic value-added distribution partnership at the CyberKnight stand during GISEC 2025. Leveraging CyberKnight’s proven expertise and coverage, this collaboration aims to empower regional entities to modernize security and safeguard data across all sectors. The partnership ensures enteprise and government organizations can benefit from Netskope’s global innovation and local infrastructure to accelerate performance and get unprecedented visibility into any cloud, AI, web, and private application activity while reducing risks.

As a modern SASE and SSE solution, the Netskope One platform delivers unified data security and adaptive threat protection, combining CASB, SWG, ZTNA, DLP, DSPM and other capabilities with patented AI innovations that detect anomalies, block zero-day threats, and prevent data exfiltration across cloud and AI apps, endpoints, and IoT. With 70% of enterprises in the region now prioritizing AI-driven threat detection and zero-trust frameworks, Netskope’s cloud-native, AI-ready architecture and expansive NewEdge network provide the speed, resilience, and performance required for today’s digital enterprises.

“Netskope goes to market through a network of strategic partnerships and alliances across the region. We work closely with our channel partners who over many years have built strong relationships with enterprise customers and government, who rely on them to recommend and deliver modern cybersecurity solutions, essential to stay ahead of an ever-evolving threat landscape”. “Netskope was founded on the belief that continuous innovation is essential to help organizations modernize networks and security,” said Michael Herman, Vice President Channel Sales, EMEA & LATAM at Netskope”.

“Our partnership with CyberKnight, announced at GISEC 2025, will help expand our regional coverage, help our partners deliver modern cybersecurity solutions and better serve organizations in the region to protect data, securely enable AI usage and build cyber resilience for the future. Cyberknight is committed to building a comprehensive set of skills and services to help partners and customers deploy and deliver Netskope technology at scale. This will enable enterprises and governments to embrace digital transformation with confidence, knowing their users, data, and applications are protected by industry- leading, AI-centric security.”

“Partnering with Netskope marks a pivotal step in our mission to bring the world’s most advanced cloud and AI security to the region,” added Avinash Advani, Founder & CEO, at CyberKnight. “With our focus on technical excellence and Netskope’s cutting-edge platform, we will enable our customers to confidently navigate digital transformation, protect critical assets, and achieve compliance in an increasingly complex threat environment. This collaboration will ensure that organizations across the region have access to market-leading, best-of-breed technology to defend against cyber threats as they accelerate the journey to the cloud.”

What key messages or solutions are you highlighting at GISEC this year?
At GISEC 2025, Check Point Software is focusing on delivering AI-powered cybersecurity innovations that address the specific challenges faced by businesses in the UAE and the wider GCC region. The company is emphasizing practical, prevention-first solutions to help organizations tackle evolving cyber threats. Key themes include collaboration and integrated security, offering multi-layered protection across networks, cloud environments, endpoints and applications. By combining real-time intelligence with adaptable technologies, Check Point Software is demonstrating how businesses can enhance their cyber resilience and support secure digital transformation in the region.

How does GISEC help your company engage with the Middle Eastern cybersecurity market?
GISEC serves as a vital platform for Check Point Software to connect directly with customers and partners in the region. The event enables the company to understand regional security needs, showcase innovations and foster collaboration with local and global technology partners. Through GISEC, Check Point Software can demonstrate its proactive, prevention-first approach to cybersecurity, while also engaging with government agencies, businesses and security professionals to drive knowledge exchange and ensure that cybersecurity strategies are aligned with regional threats and regulatory requirements. Check Point Software’s growing role in the region includes efforts to build cyber security talent through its SecureAcademy program, enhance support for managed security service providers (MSSPs) and foster innovation with local technology alliances. These investments reflect the company’s continued leadership in the region and its vision for enabling secure digital transformation.

How would you describe the current cybersecurity threat landscape in the Middle East?
The cybersecurity landscape in the Middle East is increasingly complex and fast-evolving, marked by a high volume of attacks targeting key sectors like education, communications and utilities. Organizations in the region are experiencing an average of 2,288 attacks per week, well above the global average. Malware threats such as FakeUpdates, Phorpiex botnets and AgentTesla infostealers are prominent, while vulnerabilities linked to information disclosure are the most frequently exploited, impacting nearly three-quarters of organizations. The rise of state-sponsored cyber activities, combined with increased attacks on cloud and hybrid environments, underscores the need for proactive, multi-layered security strategies to defend against a broad spectrum of threats.

What are the most pressing cyber threats facing businesses in the region today?
Businesses in the Middle East face a diverse range of cyber threats, from widespread malware infections to sophisticated targeted attacks. Infostealers, botnets and remote access trojans are prevalent, with attackers frequently leveraging web-based delivery mechanisms, accounting for over 50% of malicious file distribution in recent weeks. Vulnerabilities tied to information disclosure continue to be heavily exploited, while misconfigurations in cloud and hybrid infrastructures are creating additional risk. There’s also a growing trend of cyberattacks aimed at supply chains and third-party vendors. Together, these threats highlight the urgent need for comprehensive protection across all attack surfaces, including web, cloud, endpoints and applications.

How do cultural or regulatory differences impact cybersecurity strategies in the Middle East compared to other regions?
The Middle East’s unique cultural and regulatory environment shapes cybersecurity strategies. Local laws around data residency and privacy, such as the UAE’s national data residency requirements, necessitate customized security solutions. Check Point Software supports these needs with region-specific solutions, including the UAE Infinity Portal, which complies with national data laws and Infinity XDR/XPR, a regionally launched platform combining extended detection and response with automated prevention. Navigating diverse regulations across the region is essential as businesses accelerate digital transformation.

How do your company’s products and services address the specific threats faced by regional businesses?
Check Point Software’s cybersecurity portfolio is designed to meet the dynamic needs of businesses in the Middle East through a prevention-first approach, unified visibility and real-time intelligence. The Infinity architecture offers AI-driven protection across every vector, network, cloud, endpoint, IoT and email—empowered by Infinity ThreatCloud AI, which ingests regional threat intelligence. With solutions like Infinity XDR/XPR, Check Point Software helps businesses detect and respond to threats faster while ensuring compliance with local regulations, enabling stronger cyber resilience amid rising attack volumes.

Are you partnering with any local entities or governments to enhance regional cybersecurity resilience?
Check Point Software is actively collaborating with regional partners to strengthen cybersecurity resilience across the region. At GISEC 2025, the company is participating alongside partners like AWS, Radware, TechBridge Distribution MEA and WIZ. These partnerships support efforts to align security technologies, knowledge sharing and regional priorities, helping organizations enhance their resilience in an increasingly complex and fast-moving threat environment. The company’s growing role in the region reflects its commitment to supporting organizations in securing their digital transformation while contributing to the region’s cybersecurity ecosystem.

What advice would you give to regional businesses looking to strengthen their cybersecurity posture in 2025?
Businesses in the region should prioritize a proactive, prevention-first approach to cybersecurity, focusing on AI-driven solutions that can detect and neutralize threats in real-time. Ensuring cloud environments are secure, addressing misconfigurations and safeguarding edge devices are essential steps. Additionally, businesses should implement robust access control measures and continuously upskill their teams to stay ahead of emerging threats. Embracing automated threat intelligence will also help organizations maintain strong defenses in an ever-evolving threat landscape.

This participation reflects the Center’s commitment to safeguarding digital infrastructure, fostering innovation, enhancing cyber resilience, and promoting robust cooperation at both the local and international levels. During the three-day event, DESC will spotlight a number of key initiatives, including the “Dubai Cyber Challenge”, an exclusive competitive simulation designed to enhance the cyber readiness of Dubai government entities, and the “School of Cyber Defense” CTF competition, which attracted registrations from over 300 university students, engaging them in technical challenges and hands-on training. These programs form a key part of DESC’s ongoing efforts to build a pipeline of skilled cybersecurity professionals equipped to navigate evolving digital threats.

H.E. Yousuf Hamad Al Shaibani, CEO of the Dubai Electronic Security Center, commented, “DESC’s participation in GISEC Global 2025 reflects our steadfast commitment to securing Dubai’s digital future through proactive cybersecurity measures, innovation-driven initiatives, and an integrated ecosystem that fosters collaboration by building partnerships across public and private sectors. GISEC continues to serve as a dynamic platform where industry leaders, experts, and innovators come together to shape the future of cybersecurity.”

“GISEC 2025 provides a critical platform for strategic engagement with global cybersecurity innovators, allowing us to gain insights into emerging technologies and anticipate future threats. These interactions directly support our efforts to create forward-looking policies, develop advanced cyber solutions, and empower national talent to lead in this field. Through such initiatives, we continue to strengthen Dubai’s position as a global hub for cybersecurity excellence and digital innovation,” Al Shaibani added.

DESC experts will also take part in high-level panel discussions addressing key challenges and emerging trends in the cybersecurity landscape. The Center will also formalize strategic partnerships and Memorandums of Understanding (MoUs), aimed at enhancing cross-sector collaboration and strengthening national efforts to secure the cyber space.

Visitors to GISEC Global 2025 are invited to explore DESC’s initiatives at Stand A80 in Hall 7, where DESC will showcase its latest projects, including future-ready cybersecurity guidelines and certification programs designed to keep pace with the evolving digital landscape and strengthen national capabilities. The stand will also serve as a unique opportunity for attendees to engage with DESC’s experts and explore opportunities for joint collaboration.

In a time where digital threats are evolving rapidly, Cloudflare continues to invest in cutting-edge technology that enables businesses to build, scale, and secure digital operations. GISEC 2025 attendees will get a first-hand look at Cloudflare’s Zero Trust platform, AI-native security innovations, Developer Platform, and DDoS mitigation capabilities, all engineered to meet the security demands of modern enterprises.

“As cyber threats become more sophisticated and the region experiences a surge in digital adoption, Cloudflare is committed to enabling secure, resilient, and fast digital experiences,” said Bashar Bashaireh, AVP, Middle East, Türkiye & North Africa at Cloudflare. “Our presence at GISEC reflects our commitment to helping organizations across the Middle East stay ahead of evolving threats, build more secure architectures, and embrace digital transformation with confidence.”

At Security Week 2025, Cloudflare introduced significant advancements to its Zero Trust suite, including Browser Isolation improvements, phishing-resistant authentication, and AI-powered threat detection – making Zero Trust easier to deploy and more powerful for global teams. According to Cloudflare’s Q1 2025 DDoS Threat Report, the company mitigated over 20.5 million DDoS attacks, up 358% YoY. Cloudflare blocked 4.8 billion packets per second (Bpps) attacks, 52% higher than the previous benchmark, and separately defended against a massive 6.5 terabits-per-second (Tbps) flood, matching the highest bandwidth attacks ever reported. Cloudflare will showcase its automated mitigation system, capable of stopping attacks in under 3 seconds, and how its 1.5 Tbps+ edge network ensures constant protection.

At Developer Week in April, Cloudflare unveiled Workers AI Templates, enhanced observability tooling, and WebSocket support, giving developers faster paths to building secure, scalable applications. The Workers AI platform, now running on GPUs in 180+ cities, empowers organizations to deploy low-latency, inference-ready AI apps globally.

Cloudflare’s recent Middle East & Turkey Security Report highlights that 73% of businesses in the region expect an increase in cyberattacks in 2025, yet 60% feel underprepared. Cloudflare’s regional presence and capabilities help bridge this gap with cloud-native solutions built for modern threats. Cloudflare is collaborating with Diligent and Qualys to power a next-generation cyber risk reporting solution—transforming how boards and executive teams gain visibility into cybersecurity posture.

As organizations across the Middle East accelerate cloud adoption and digital transformation, Cloudflare remains a trusted partner in securing networks, web applications, and APIs. The company’s global edge network ensures performance and compliance, while innovations in SASE and AI inference help customers stay resilient and competitive.