What key messages or solutions are you highlighting at GISEC this year?
From booth C175 in Hall 5 Tenable will showcase its Tenable One Exposure Management Platform – the world’s first AI-powered exposure management software. Effective exposure management requires a unified view of the entire attack surface, allowing security teams to detect toxic risk combinations, identify attack path choke points and prioritise weaknesses based on their true impact on the organisation. Tenable One radically unifies security visibility, insight and action across the attack surface, equipping modern organisations to isolate and eradicate priority cyber exposures from IT infrastructure to cloud environments to critical infrastructure and everywhere in between.

How does GISEC help your company engage with the Middle Eastern cybersecurity market?
Events, like GISEC, provide an invaluable opportunity for us to engage in meaningful conversations and explore the most effective strategies for organisations to identify and reduce cyber risk in today’s fast-paced technological landscape. We look forward to connecting with both existing and potential customers, strengthening relationships with our partners, and building new partnerships with organisations that share our commitment to strong cybersecurity.

How would you describe the current cybersecurity threat landscape in the Middle East?
The Middle East’s cybersecurity threat landscape is experiencing a significant increase in cyberattacks, primarily driven by state-sponsored attacks, hacktivism, and cybercriminal enterprises. Verizon recently announced its annual Data Breach Investigation Report (DBIR) which revealed that Edge devices are becoming prime targets for attackers and often serve as the first point of entry for breaches, making their security critical.

But there’s no need for panic. Foundational cyber hygiene can eradicate the vast majority of threats organisations face, regardless of adversary or entry point. An exposure management program combines the people, processes and technologies associated with exposure management. Technologies such as vulnerability management, Web application security, cloud security, identity security, attack path analysis and attack surface management are used to help an organisation understand the full breadth and depth of its exposures and take the actions needed to reduce them through remediation and incident response workflows.

What are the most pressing cyber threats facing businesses in the region today?
Phishing, data breaches, ransomware, and supply chain attacks are continuing to cause challenges for organisations across the Middle East. These cyber attacks often exploit vulnerabilities across cloud resources, data, and on-prem networks due to identity misconfiguration or lapses in security protocols.

Threat actors look to monetise their and will look for low-hanging fruit – those organisations whose security practices may be less mature offering an easy target.For threat actors, compromising these organisations can be the first layer of a successful infiltration, facilitating further transition across the network or even allow incursion into connected third-parties.

From a security perspective proactive, strengthening defences has to be the goal as it can be enough to make a hacker move on to a different target. Organisations need the ability to see their entire attack surface holistically to determine all of their software vulnerabilities, misconfigurations, who is using what systems and what level of access they have all correlated together, regardless of whether it’s happening on a laptop, a container, an application or a programmable logic controller (PLC). This context allows security teams to focus efforts on the threats that pose a real versus theoretical risk to the business.

How do cultural or regulatory differences impact cybersecurity strategies in the Middle East compared to other regions?
The UAE has introduced a number of regulatory initiatives recently, including the National Cybersecurity Strategy and the Dubai Data Protection Law. These laws require businesses to ensure the safety of their systems, data, and networks and to comply with international standards for cybersecurity.

However, while legislation and frameworks are helpful, ticking a box does not always equate to strong security defences and organisations should not be lulled into a false sense of security. Knowing what is important to the business to function and ensuring defenses are hardened to protect this infrastructure, resources and data should be first and foremost. Often this activity naturally ticks the requirements of many regulatory directives.

How do your company’s products and services address the specific threats faced by regional businesses?
The United Arab Emirates is focused on becoming a global hub for business and innovation, a vision that is accelerating digital transformation across the region. As is happening around the world, the rapid adoption of AI is playing a central role in this shift, offering organisations new opportunities to enhance efficiency, improve customer experiences, and create competitive advantages.

However, there is disparity between the speed of AI development and our ability to react, creating an AI speed paradox. When we think of historical technology evolution, the speed of AI adaptation is incomparable. From the start of 2024 to where we are today is unrecognisable. When it comes to security, there is a danger that the horse won’t just bolt through the open gate but charge through it and may even destroy the gate entirely. We must think about security first, before it’s too late.

What we see today is organisations harnessing Generative AI (GenAI) to introduce more and more applications quickly and at scale. However, this has caused a serious security issue as there is a lack of security controls, with many containing vulnerabilities. It is imperative we not only slow down, but also take steps to enhance cybersecurity across the entire lifecycle of GenAI development. This would include secure coding practices, scanning for vulnerabilities, conducting code reviews, employing static and dynamic analysis tools and performing regular security testing and validation.

In September, Tenable introduced AI Aware — advanced detection capabilities that provides exposure insight into AI applications, libraries and plugins so organisations can confidently expose and close AI risk, without inhibiting business operations. Recent data paints a grim picture: approximately 70% of cloud AI workloads contain at least one unremediated vulnerability. Worse still, Tenable’s 2025 Cloud AI Risk Report identified CVE-2023-38545—a critical curl vulnerability—in 30% of cloud AI workloads. This is not a minor oversight; it is a glaring weakness that invites attackers to infiltrate, manipulate, and exploit AI systems with ease.

Tenable has recently introduced new data security posture management (DSPM) and artificial intelligence security posture management (AI-SPM) capabilities for Tenable Cloud Security. By extending exposure management capabilities to cloud data and AI resources, Tenable Cloud Security exposes risk from across hybrid and multi-cloud environments, including vulnerabilities, misconfigurations and excess privilege that affects data and AI resources.

What advice would you give to regional businesses looking to strengthen their cybersecurity posture in 2025?
Today’s environment brings numerous opportunities for misconfigurations and overlooked assets which makes it nearly impossible for cybersecurity leaders to obtain a unified view of their exposure. Too often, cybersecurity professionals develop an orientation toward reactive, incident-focused practices. Therefore, preventive tasks are often relegated to nothing more than a compliance exercise which leaves security teams unable to effectively evaluate what’s happening across the attack surface. When it comes to cyber attacks, particularly in the case of ransomware, its game over once cyber criminals have breached defences and run off with databases full of sensitive information. You can’t put the genie back in the bottle!

Instead, by focusing resources on the vulnerabilities that are exploitable and understanding how attackers chain vulnerabilities and misconfigurations, security teams can design more complete strategies for reducing their overall risk exposure and prevent attacks. Understanding attacker behaviour helps inform security programs and prioritise security efforts to focus on areas of greatest risk and disrupt attack paths, ultimately reducing exposure to cyber incidents.

1. Cloud AI workloads aren’t immune to vulnerabilities: Approximately 70% of cloud AI workloads contain at least one unremediated vulnerability. In particular, Tenable Research found CVE-2023-38545—a critical curl vulnerability—in 30% of cloud AI workloads.
2. Jenga-style cloud misconfigurations exist in managed AI services: 77% of organizations have the overprivileged default Compute Engine service account configured in Google Vertex AI Notebooks. This means all services built on this default Compute Engine are at risk.
3. AI training data is susceptible to data poisoning, threatening to skew model results: 14% of organizations using Amazon Bedrock do not explicitly block public access to at least one AI training bucket and 5% have at least one overly permissive bucket.
4. Amazon SageMaker notebook instances grant root access by default: As a result, 91% of Amazon SageMaker users have at least one notebook that, if compromised, could grant unauthorized access, which could result in the potential modification of all files on it.

“When we talk about AI usage in the cloud, more than sensitive data is on the line. If a threat actor manipulates the data or AI model, there can be catastrophic long-term consequences, such as compromised data integrity, compromised security of critical systems and degradation of customer trust,” said Liat Hayun, VP of Research and Product Management, Cloud Security, Tenable. “Cloud security measures must evolve to meet the new challenges of AI and find the delicate balance between protecting against complex attacks on AI data and enabling organizations to achieve responsible AI innovation.”

“CISOs are overwhelmed with scattered security products, siloed tools and disjointed teams which makes protecting their organizations from exposure a massive undertaking. As the pioneer behind Exposure Management, we are driven to solve this central challenge of modern security — a fragmented approach to identifying and combating cyber risk,” said Steve Vintz, Co-CEO and CFO, Tenable. “That is what this acquisition is all about. With Vulcan, we’re accelerating our Tenable One vision to radically unify security visibility, insight and action across the attack surface – from the data centre to the cloud – to rapidly expose and close the gaps that put businesses at risk.”

Steve Vintz, Co-CEO and CFO, Tenable

Tenable plans to expand the Tenable One Exposure Management Platform with Vulcan Cyber’s robust capabilities, including enhanced visibility, extended third-party data flows, superior risk prioritization, and optimized remediation. By consolidating and aggregating vast amounts of data into the most comprehensive Exposure Management platform, Tenable is empowering organizations to confidently reduce risk across their entire environment.

“These capabilities aren’t just technical enhancements – they represent a fundamental shift in how organizations will manage cyber risks holistically into the future. For example, while having a cloud security platform is critical on its own, its power is exponentially amplified when treated as part of a comprehensive exposure management approach,” said Mark Thurmond, Co-CEO and COO, Tenable. “By uniting disparate tools and data under one roof, we’re providing security teams with a full-spectrum view of their attack surface, enabling them to prioritize what matters most and act decisively to address vulnerabilities.”

With the addition of Vulcan Cyber, Tenable One customers will gain:

1. Expanded Third-Party Ecosystem Data: By integrating with more than 100 security products across vulnerability assessment, endpoint security, cloud security, application security, and threat intelligence, Tenable will ingest, normalize, and unify data across the security stack. This streamlined approach centralizes critical data and empowers security teams to operate more efficiently and proactively across the entire attack surface.
2. AI-Powered Risk Prioritization: Siloed security products create blind spots where attackers thrive, leaving critical gaps across the attack surface. Enhanced risk prioritization closes these gaps by integrating enriched threat intelligence and context, helping organizations focus on the most critical vulnerabilities while optimizing the use of their security tools and technology.
3. Automated Remediation Workflows: Optimized remediation with automated campaigns, advanced tagging and ticketing ensure that security issues, along with corrective guidance, get into the hands of the right security team members to automatically fix exposures quickly, wherever they might exist in their environment.
4. Advanced AI capabilities: Leveraging a single unified risk data set, Tenable is laying the foundation for advanced exposure AI capabilities that will revolutionize how customers manage and mitigate risk across the security stack.

“We’re thrilled to join forces with Tenable. Integrating Vulcan Cyber’s capabilities into the Tenable One platform will uniquely address all exposure management use cases across the entire attack surface,” said Yaniv Bar-Dayan, Co-Founder and CEO, Vulcan Cyber. “For the first time at scale, security teams will be able to consolidate exposure findings from multiple sources into a single, actionable interface. We are excited to start working with Tenable and their customers to remediate exposure risk.”

AI adoption and increased security scrutiny
In 2025 and beyond, we’ll see more organisations incorporating AI into their infrastructure and products as the technology becomes more accessible. This widespread adoption will lead to data being distributed across a more complex landscape of locations, accounts and applications, creating new security and infrastructure challenges. In response, CISOs will prioritise the development of AI-specific policies and security measures tailored to these evolving needs. Expect heightened scrutiny over vendor practices, with a focus on responsible and secure AI usage that aligns with organisational security standards. As AI adoption accelerates, ensuring secure, compliant implementation will become a top priority for all industries.

The growth of distributed data will be a boon for cybercriminals
As data volumes grow and become more distributed across multi-cloud environments, the risk of data breaches will rise significantly. With AI tools relying on vast amounts of customer data, cybercriminals will have more opportunities to target these systems, making data exfiltration and unauthorised access easier. Organisations will face an escalating risk as attackers exploit these expanding data environments to achieve malicious goals.

AI-powered attacks will outpace traditional security measures
Despite the best efforts of companies like OpenAI, Google and Microsoft to implement robust security protocols, cybercriminals now have powerful tools at their disposal, including AI-driven virtual assistants that can streamline and amplify their attacks. As data volumes continue to surge and become more accessible, the appeal and ease of targeting sensitive information will grow. This convergence of advanced attack tools and abundant data will make it increasingly difficult for organisations to stay ahead of evolving cyber threats.

Data is business fuel but secure AI adoption is critical
These predictions should not deter organisations from embracing AI. Instead, they underscore the importance of developing robust strategies for secure and responsible AI adoption. Organisations must focus on integrating AI into their systems securely rather than viewing it as a risky proposition.

“Organisations must understand that data is the fuel driving their business—it enables insights, fosters collaboration, and powers innovation,” said Liat Hayun, VP of Product Management and Cloud Security Research at Tenable. “As AI adoption skyrockets and data storage demands grow, safeguarding distributed data has never been more critical. As we head into 2025, business leaders and security teams must strike a careful balance between innovation and security, ensuring that AI initiatives do not inadvertently open new doors for cyber attackers.”

In addition, Tenable will share details of its 2024 Cloud Risk Report. The report reveals that nearly four in 10 organisations (38%) have an elevated level of exposure from workloads bearing an especially risky blend of security gaps. Tenable refers to this blend as the “toxic cloud trilogy,” defined as any cloud workload having these three risk factors:

• A critical vulnerability
• Excessive permissions
• Public exposure

“A toxic cloud trilogy increases risk by making the workload’s weaknesses easier for attackers to exploit, ultimately making the scope of exploitation potentially greater,” said Maher Jadallah, Vice President, Middle East & North Africa, Tenable. “Security teams often have to juggle multiple clouds and identities across a converged IoT, OT and IT landscape. Tenable helps to expose and close the priority security gaps that put businesses at risk. Our team will be on hand to help visitors understand how to visualise the toxic cloud trilogy in their environments and empower them to eradicate their exposure.”

The Tenable team will be offering demonstrations of its AI-powered exposure management solutions that illuminate the attack paths that exist within organisations’ infrastructure, from IT infrastructure to the cloud, to Operational Technology (OT) and everywhere in between including TenableOne, Tenable Cloud Security and Tenable OT Security.

Check out the GITEX 2024 Special Edition: https://arabianreseller.com/oct2024

Security gaps caused by misconfigurations, risky entitlements and vulnerabilities combine to dramatically increase cloud risk. The Tenable Cloud Risk Report provides a deep dive into the most pressing cloud security issues observed in the first half of 2024, highlighting areas such as identities and permissions, workloads, storage resources, vulnerabilities, containers and Kubernetes. It also offers mitigation guidance for organizations seeking ways to limit exposures in the cloud.

Publicly exposed and highly privileged cloud data lead to data leaks. Critical vulnerabilities exacerbate the likelihood of incidents. The report reveals that a staggering 38% of organizations have cloud workloads that meet all three of these toxic cloud triad criteria, representing a perfect storm of exposure for cyber attackers to target. When bad actors exploit these exposures, incidents commonly include application disruptions, full system takeovers, and DDoS attacks that are often associated with ransomware. Scenarios like these could devastate an organization, with the 2024 average cost of a single data breach approaching $5 million.

Additional key findings from the report include:

• 84% of organizations have risky access keys to cloud resources: The majority of organizations (84.2%) possess unused or longstanding access keys with critical or high severity excessive permissions, a significant security gap that poses a substantial risk.
• 23% of cloud identities have critical or high severity excessive permissions: Analysis of Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure reveals that 23% of cloud identities, both human and non-human, have critical or high severity excessive permissions.
• Critical vulnerabilities persist: Notably, CVE-2024-21626, a severe container escape vulnerability that could lead to the server host compromise, remained unremediated in over 80% of workloads even 40 days after its publishing.
• 74% of organizations have publicly exposed storage: 74% of organizations have publicly exposed storage assets, including those in which sensitive data resides. This exposure, often due to unnecessary or excessive permissions, has been linked to increased ransomware attacks.
• 78% of organizations have publicly accessible Kubernetes API servers: Of these, 41% also allow inbound internet access. Additionally,
• 58% of organizations have cluster-admin role bindings — which means that certain users have unrestricted control over all the Kubernetes environments.

“Our report reveals that an overwhelming number of organizations have access exposures in their cloud workloads of which they may not even be aware,” said Shai Morag, chief product officer, Tenable. “It’s not always about bad actors launching novel attacks. In many instances, misconfigurations and over-privileged access represent the highest risk for cloud data exposures. The good news is, many of these security gaps can be closed easily once they are known and exposed.”

Scattered products, siloed views and disjointed teams are struggling to hold back threats across a fragmented attack surface. The cyber risk challenge won’t be won with security strategies and solutions that stand divided. Enterprises need one view of risk across all assets, to connect the dots between the damaging risk relationships that span solution silos and bring together disparate teams with the intelligence they need to strengthen defenses and protect against attacks as one.

Tenable exists to expose and close the resulting priority security gaps that put businesses at risk. Our industry-leading exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks, from IT infrastructure to the cloud to OT and everywhere in between.

“Rapid advancements in technology and digital transformation make it challenging for organizations to stay one step ahead of attackers,” said Maher Jadallah, Senior Director Middle East & North Africa, Tenable. “Security teams often have to juggle multiple clouds and identities across a converged IoT, OT and IT landscape. At GITEX 2024, we will show organizations how they can expose and close the priority security gaps that put their businesses at risk. Our team will be on hand to help visitors reimagine cybersecurity as a global force for eradicating their exposure.”

Federal agencies face unique security and compliance regulations when deploying cloud solutions, and Tenable Enclave Security is key to supporting public sector customers, as well as commercial organizations with strict data residency, security or privacy requirements.

Built to support the strictest security requirements, including FedRAMP High and Impact Level 5, Tenable Enclave Security empowers agencies to know, expose and close IT and container exposures from a single, highly secure platform. This consolidated approach also eliminates tool sprawl, reduces costs and boosts efficiency for public sector organizations.

“As a leader in vulnerability management and cloud security and a longtime partner of governments all around the world, we’re perfectly positioned to tap into our expertise and deliver mission-critical capabilities to assist government agencies as they transform their IT strategy and safely embrace modern workloads to speed innovation,” said Robert Huber, chief security officer and president, Tenable Public Sector, Tenable. “With Tenable Enclave Security, agencies are now able to gain a fuller understanding of their exposure and risk with the ability to continuously discover, assess and prioritize vulnerabilities across IT assets and container images, all from a single, highly secure framework.”

Tenable Enclave Security will immediately enable organizations to:

1. Meet cloud security and data residency restrictions: Tenable Enclave Security enables customers to meet stringent cloud security and data residency requirements, such as FedRAMP High or Impact Level 5. It can meet customers’ needs wherever they reside, with the ability to be deployed on-prem, in a virtual private cloud or commercial cloud.
2. Secure containers before they hit production: As agencies modernize their infrastructure, containers create a more efficient manner to create applications and modernize existing ones. Tenable Enclave Security empowers organisations to quickly assess the risk in their container images, expose their vulnerabilities and understand the breadth of impact.
3. Centralise security tools: Unlike siloed solutions with fragmented visibility, Tenable Enclave Security protects IT assets and modern workloads from a single deployment architecture.