What do you see as the most critical emerging cybersecurity threats in 2025, and how should organizations prepare for them?
Emerging technologies like AI and ML are disruptors leading to the rise of cyberattacks. AI-powered attacks are increasingly affecting businesses via phishing scams, ransomware attacks, malware attacks, and endpoint vulnerability exploitation. Organisations need to move beyond traditional defences to mitigate this risk. By investing in proactive measures, like penetration testing to uncover vulnerabilities, and using purple team exercises to simulate real-world attacks, organisations can improve their threat detection and response.

With threats targeting both on-premises systems and cloud environments, it’s crucial to secure all digital fronts. Companies must also run tailored incident response drills to stay ready for fast-moving threats. Ultimately, building a strong, adaptive cybersecurity strategy that accounts for AI-driven attacks is essential to protect digital assets and stay resilient in the face of evolving cyber risks.

How is the rise of AI and quantum computing reshaping the cybersecurity landscape, and what risks do they introduce?
As much as it is being hailed for making our lives easy, AI has also become a powerful ally for digital miscreants. In particular, threat actors are using generative AI (GenAI) to create highly convincing phishing emails, fake websites, and deepfakes for deceiving users and stealing their information. Threat actors are also using GenAI to develop sophisticated malware that bypasses traditional security defences.

Similarly, quantum computing is a double-edged sword. These powerful machines are capable of rendering traditional encryption methods obsolete, especially public key cryptography, as what once took a traditional computer years to decode RSA-2048 (a widely used encryption algorithm) takes a quantum computer a matter of seconds or minutes to decode.

How do you predict ransomware tactics will evolve in the near future, and what proactive measures should businesses take?
Threat actors are using AI to develop sophisticated, highly accurate ransomware that not only widens the reach of the attack but increases the impact on its victims. And this issue will only get worse as threat actors evolve their use of AI to carry out these attacks, drastically altering the threat landscape.

Businesses can adopt several key strategies to defend against ransomware attacks effectively. These include improving employee awareness and periodic training, restricting user access by implementing a Zero Trust approach and multi-factor authentication, taking regular data backups, keeping systems updated, and configuring the firewall to filter out suspicious activities and network segmentation to limit the spread of malware.

How does regulatory compliance (like UAE’s Data Protection Law or Saudi’s NCA requirements) impact cybersecurity strategies for regional businesses?
Governments across the region, led by the UAE and Saudi Arabia, have taken it upon themselves to enforce a safe and resilient cyberspace. This is in line with the region’s ongoing efforts to promote digital innovation, thereby delivering better services for people and driving faster economic growth. Compliance mandates, like Saudi Arabia’s and the UAE’s PDPL, play a major role in setting various polices, standards, and guidelines to safeguard the IT infrastructure in the respective countries. By incorporating these controls in their cybersecurity strategies, regional businesses can improve their security posture and protect their sensitive data. Failure to do so not only makes them vulnerable to cyberattacks, but invites substantial fines, legal action, and loss of operating license.

Can you explain ManageEngine’s “unified security” approach and how it simplifies cybersecurity for enterprises?
With over 20 years of experience in observing the changing IT landscape and building highly scalable and integrable solutions, ManageEngine recognises there is no single path to cyber resilience for enterprises. To stay ahead of both established and emerging threats, there is a need to take a holistic approach wherein identities, endpoints, and network infrastructure are all properly secured and governed. ManageEngine’s AI-powered cybersecurity solutions, all of which have been built from ground-up, effectively ensure this. They also help enterprises comply with the most important cybersecurity frameworks and data privacy regulations like the GDPR and the PDPL.

How does ManageEngine leverage AI to enhance phishing simulations and employee training?
For over a decade, we have been researching emerging technologies, resulting in the development of our own in-house AI based on contextual intelligence. We understand AI’s importance in detecting and mitigating cyberattacks. Our AI capabilities can be leveraged for a variety of security use cases, such as ransomware protection, anomaly detection, data exfiltration, and preventing insider access abuse.

Most phishing attacks are carried out via email, which lures an individual to download malware that enables the attacker to breach the user’s system and network. By relying on AI, our solutions can flag potential phishing attempts by continuously analysing emails and websites. This will enable security administrators to prioritise such threats and mitigate their impact.

Could you tell us about Positive Technologies’ presence at this year’s GISEC event and the solutions you’re showcasing?
This year at GISEC, we’re presenting our latest cybersecurity solutions with a strong focus on hands-on, practical expertise. At our stand, we’re demonstrating sophisticated attack techniques like direct memory access attacks and full injection attacks – these show just how easily devices like laptops can be compromised. We’ve also significantly expanded our Hackosphere area compared to last year, featuring interactive engagements including soldering, device hacking, fixed attacks, and stenography challenges. We’ve doubled the size of this interactive space and hope to see twice the engagement as well.

How does participating in this event help you engage with regional companies?
We’re seeing tremendous participation from across industries – government representatives, oil and gas companies, financial institutions, and many partners. GISEC has established itself as one of the most efficient and prominent cybersecurity events not just in the UAE, but across the entire Middle East region.

Could you share your observations about the current threat landscape in the region and how you’re helping companies address these challenges?
Through our Threat Research Center – the largest in Eastern Europe – we continuously monitor critical infrastructure and analyse activity across the deep and dark web globally. In the Middle East specifically, we’re observing significant activity from APT groups, including state-sponsored hackers and hacktivists targeting critical national infrastructure. Their methods typically involve compromising internal organisational systems or creating backdoors, which they often then sell access to on dark web markets.

What challenges are companies facing regarding AI-powered attacks?
AI is undoubtedly the hot topic in cybersecurity right now. While AI capabilities are becoming increasingly sophisticated and powerful, I firmly believe human expertise remains irreplaceable. That said, we’re seeing substantial AI integration from both sides – threat actors are leveraging it for attacks while cybersecurity professionals are using it for defense. This dual adoption is creating significant impacts, and we anticipate this trend will continue growing over the next 5-10 years.

Are you collaborating with any local entities or governments to address these AI-related security challenges?
Absolutely. We’re actively working with local partners, government agencies, and regional companies to help them understand the AI threat landscape and demonstrate how AI and machine learning can be effectively used to protect their infrastructure.

What key advice would you give regional organisations looking to improve their security posture?
My fundamental recommendation is to invest in human capital. Knowledge and expertise are assets you can’t simply purchase – they need to be developed. An organisation might have the best security tools and infrastructure, but without capable personnel, these resources become ineffective. This is why we emphasise sharing our expertise – not just in defense strategies, but in incident response, investigations, and most importantly, in building local capabilities to elevate overall cybersecurity maturity levels.

Deploying AI without a security-first mindset can be perilous and Rob outlines the significant risks enterprises face if they implement AI without proper security safeguards in place. Navigating this new terrain requires a strategic approach, as Rob touches upon what a “risk-based” AI security framework looks like and provides actionable steps on how organizations should begin building one to protect their AI deployments:

What safety challenges are companies facing, and how are you addressing them?
Security challenges are on the rise worldwide, and solutions play a crucial role in addressing them. At Motorola Solutions, we’re focused on tailoring the right solutions for specific verticals, from communication systems to video security and physical security measures.

Can you tell us about your various cameras, like Silent Sentinel and Halo, and smart sensors? How are these helping with security?
Silent Sentinel, recently acquired by Motorola Solutions, is a highly specialized camera system designed for applications like oil and gas and maritime monitoring. It can cover up to 30 kilometres and integrates with third-party systems, making it highly competitive.

Our Halo sensors are a recent addition to our video security lineup. We refer to them as “cameras without an eye” because they capture emergency cases in areas where cameras can’t be installed. These sensors detect smoke, the presence of people, and other critical events, seamlessly integrating with Avigilon Unity platforms.

How are these streamlining compliance issues?
Motorola Solutions adheres to international standards to protect data and identities. Our applications related to security involve case-sensitive data and high compliance standards. The entire process, from installation to implementation, is protected and falls under these compliances.

You have various applications impacting different industries, such as healthcare, utilities, and hospitality. How do you tailor your solutions for these sectors?
Motorola Solutions tailors its offerings to meet the specific needs of various verticals. Video security is implemented across all sectors, while access control may be more suitable for certain industries. Our end-to-end solutions from Avigilon enhance security standards, operations, and responses across different verticals.

How do you address rising security challenges in regions like the Middle East?
The Middle East experiences a high demand for security investments due to rising challenges. Motorola Solutions works closely with governments and complies with local standards to tailor our solutions. By constantly monitoring and receiving feedback from end users, we can effectively address challenges and introduce the right solutions in the market.

AI is a buzzword in today’s security landscape. What role is AI playing in your solutions?
AI plays a vital role in Motorola Solutions’ platforms. While we hear a lot about AI making decisions, in our case, AI helps collect and analyse data, but the final decision rests with the human managing it. This ensures accuracy and effectiveness in responding to security events.