A new era of threats and defenses
As we look ahead to 2025, the cybersecurity landscape is poised to become more complex, with evolving threats and emerging technologies necessitating a rethinking of traditional security models. Predicting the future is always a challenge, but in my opinion, these trends will shape the cybersecurity field this year.
JEEVAN THANKAPPAN
jeevan@gcemediagroup.com
First, ransomware is expected to grow in sophistication. Cybercriminals will leverage automation and advanced encryption methods to target enterprises and critical infrastructure.
“Ransomware-as-a-service” models are likely to become more prevalent, enabling less-skilled actors to carry out large-scale attacks. Additionally, double extortion tactics—encrypting data while threatening public leaks—will become more common, driving organizations to invest heavily in robust incident response plans.
While AI has proven to be a powerful tool for strengthening cybersecurity defenses, it is also increasingly being weaponized by adversaries. AI-powered threats will include automated phishing campaigns, adaptive malware, and machine learning-driven attacks capable of bypassing traditional detection mechanisms. Defenders will need to use AI proactively to predict and neutralize such attacks before they occur.
Another critical trend to monitor is the security of critical infrastructure. Sectors such as energy, healthcare, and transportation are becoming more digitized and interconnected, making them prime targets for cyberattacks. A breach in these systems could have catastrophic consequences, from power outages to compromised healthcare services. Governments and organizations must prioritize protecting these systems through real-time monitoring and advanced threat intelligence. Finally, it is clear that traditional perimeter-based security models are no longer sufficient in an era dominated by cloud computing, remote work, and IoT devices. Organizations must transition to a “zero trust” framework, which assumes that no entity—whether inside or outside the network—can be trusted by default.
As threats evolve and attack surfaces expand, cybersecurity in 2025 will demand agility, innovation, and collaboration across industries and governments. The stakes are higher than ever, and only those who adapt quickly will thrive in this ever-changing digital landscape.
PUBLISHER TUSHAR SAHOO TUSHAR@GECMEDIAGROUP.COM
CO-FOUNDER & CEO RONAK SAMANTARAY RONAK@GECMEDIAGROUP.COM
GLOBAL HEAD, CONTENT AND STRATEGIC ALLIANCES ANUSHREE DIXIT ANUSHREE@GECMEDIAGROUP.COM
MANAGING EDITOR JEEVAN THANKAPPAN JEEVAN@GCEMEDIAGROUP.COM
ASSISTANT EDITOR SEHRISH TARIQ SEHRISH@GCEMEDIAGROUP.COM
CHIEF COMMERCIAL OFFICER RICHA S RICHA@GECMEDIAGROUP.COM
PROJECT LEAD JENNEFER LORRAINE MENDOZA JENNEFER@GECMEDIAGROUP.COM
SALES AND ADVERTISING SALES@GECMEDIAGROUP.COM
PH: + 971 562 151 157
DIGITAL TEAM
IT MANAGER VIJAY BAKSHI
PRODUCTION, CIRCULATION, SUBSCRIPTIONS INFO@GECMEDIAGROUP.COM
CREATIVE LEAD AJAY ARYA
DESIGNERS SHADAB KHAN, JITESH KUMAR, SEJAL SHUKLA
PRODUCTION RITURAJ SAMANTARAY S.M. MUZAMIL
DESIGNED BY
SUBSCRIPTIONS INFO@GECMEDIAGROUP.COM
PRINTED BY
Al Ghurair Printing & Publishing LLC. Masafi Compound, Satwa, P.O.Box: 5613, Dubai, UAE Office No #115 First Floor , G2 Building Dubai Production City, Dubai United Arab Emirates Phone : +971 4 564 8684
31 FOXTAIL LAN, MONMOUTH JUNCTION, NJ - 08852 UNITED STATES OF AMERICA PHONE NO: + 1 732 794 5918
A PUBLICATION LICENSED BY International Media Production Zone, Dubai, UAE @copyright 2013 Accent Infomedia. All rights reserved. while the publishers have made every effort to ensure the accuracyof all information in this magazine, they will not be held responsible for any errors therein.
Axis Communications to showcase the future of physical security and safety at Intersec Dubai 2025
Axis Communications will be exhibiting at Intersec Dubai 2025 where the company will showcase product innovations, demonstrate key product offerings, participate in thought leadership events, and engage with stakeholders from across the safety and security industries.
The 26th edition of the premier event will take place from 14 to 16 January 2025 at the Dubai World Trade Centre. “The security landscape is constantly evolving and nowhere is that more apparent with the adoption of intelligent technologies. Backed by our reputation for, quality, reliability, and innovation, we’re ready to explore what’s possible and show business, industry, and government leaders the power and impact of Axis,” said Ettiene Van Der Watt, Regional Director for Middle East, Central Asia, and Africa at Axis
Communications.
A major feature of the Axis exhibition stand will be a showcase of Axis’s vision of an AI-enabled future where artificial intelligence transforms traditional processes and plays a role in how people live, and businesses operate. Some key features include AI-enhanced cameras that can detect and respond to specific events, how enabled cameras and sensors can improve business processes through quality control and predictive maintenance, cybersecurity through advanced threat detection and mitigation, and data analytics. Stand visitors will also have the opportunity to enjoy hands-on demonstrations and learn more about the use of AI-powered applications with Axis solutions.
Axis’s presence at Intersec Dubai 2025 follows the company’s recent announcement of the 9th generation of its purpose-built system-on-chip (SoC), ARTPEC-9. Refining and adding to the capabilities of previous generations of Axis’s in-house SoC, ARTPEC-9 boasts incredibly low bitrate, quality imaging, strengthened cybersecurity, and next-generation AI-powered analytics.
Huawei’s multi-layered ransomware defense solution for storage wins the “Gold Award for Best Cybersecurity Solution.
Recently, Huawei’s Multi-layered Ransomware Protection Solution (MRP) won the “Gold Award for Best Cybersecurity Solution” at the 10th Extraordinary Annual Awards Ceremony organized by the Communications Association of Hong Kong. The award was presented by Mr. Leung Chung-yin, Director-General of Communications at the Communications Authority Office of the Hong Kong Special Administrative Region Government, to Mr. Bi Jinjun, Vice President of ICT Marketing Solutions for Huawei Hong Kong.
Mr. Leung Chung-yin (left), Director-General of Communications at the Communications Authority Office of the Hong Kong Special Administrative Region Government, presented the award to Mr. Bi Jinjun (right), Vice President of ICT Marketing Solutions for Huawei Hong Kong.
a prime target for hackers deploying ransomware attacks. Ransomware is characterized by strong stealth capabilities, frequent mutations, and high destructiveness. It often exploits
zero-day vulnerabilities and phishing emails to infiltrate systems and can remain dormant for weeks or even months, making it difficult for traditional antivirus software to quickly detect and eliminate.
intercept about 90% of ransomware, storage, as the final repository for data, serves as the last line of defense for data security. It must promptly detect any ransomware attempts to modify data. By leveraging technologies such as detection and analysis, secure snapshots, backup and recovery, and physical isolation, storage systems ensure that ransomware “cannot infiltrate or alter data” while keeping data “recoverable and isolated.”
In recent years, data infrastructure has been
While network-level defense measures can
Leveraging its self-developed capabilities across storage and networking, Huawei has innovatively introduced multi-layered, storagenetwork collaborative protection technology for data security, significantly enhancing storage’s proactive recovery capabilities. Huawei is currently the first in the industry to offer this technology. The solution is characterized by “Precise Detection,” “Comprehensive Protection,” and “Rapid Recovery”.
Ettiene van der Watt, Regional Director – MEA at Axis Communications
BlueVerve
THE HEARTBEAT OF HEALTHY LIVING
Johnny Karam, Managing Director and Vice President, International Emerging Markets at Cohesity
Cohesity expands cyber event response service with incident response provider partnerships, fortifying cyber resilience
Cohesity has expanded the Cohesity Cyber Event Response Team (CERT) service to include partnerships with leading incident response (IR) vendors. The Cohesity CERT team has years of specialized incident response expertise and has helped numerous customers respond and recover quickly from high-stakes security events since its formation in 2021. By partnering with leading IR vendors such as Palo Alto Networks Unit 42, Arctic Wolf, Sophos, Fenix24, and Semperis, Cohesity CERT augments the traditional IR process, infusing rich data and backup and recovery expertise, helping to speed investigations and enable customers to recover quicker from incidents.
Using native platform capabilities, Cohesity CERT can share a consolidated set of customer-approved operational data with its IR partners, including logs, reports, inventories, and more. This rich dataset, together with Cohesity CERT’s deep data security and recovery expertise, enhances the digital forensics, threat intelligence, and containment capabilities of IR partners, enabling them to perform more effective and efficient analysis of the cyber incident and quickly resolve issues while reducing business downtimes. Customers also have peace of mind their IR partner of choice can collaborate directly with Cohesity to streamline their cyber response and ensure they restore clean data faster.
“With ransomware, data breaches, and other cyber threats becoming an unavoidable reality, organizations need the assurance that they can bounce back faster, stronger, and smarter,” said Sanjay Poonen, CEO, Cohesity. “Cohesity CERT is a natural extension of our mission to empower organizations with resilient, secure data management. We’re doubling our commitment to our customers by ensuring they have the expertise and tools to navigate and recover from cyber crises effectively. Cyber resilience is the cornerstone of modern cybersecurity, and we are committed to helping our customers achieve it.”
Synology launches ActiveProtect to simplify business data protection
Synology has announced the general availability of ActiveProtect, a new line of data protection appliances that integrate enterprise backup software, server, and backup repository into a unified solution. Designed to simplify complex data protection, ActiveProtect offers comprehensive platform support, advanced security, and scalability, all with a transparent pricing model.
“Data protection should empower businesses, not be a burden to businesses,” said Jia-Yu Liu, Executive Vice President at Synology. “ActiveProtect embodies Synology’s expertise in hardware and software engineering and insights from close collaboration with customers. We are confident that ActiveProtect will exceed enterprises’ expectations for data protection.”
“Synology AP Series has proven to be exceptional in both management efficiency and data protection,” said Liao, IT Manager at J-Shine International Logistics. “Our experience has been very satisfying so far. The installation process is quick and straightforward, eliminating many of the complicated steps we used to face. Furthermore, the unified management interface has reduced the time needed for daily backup server maintenance to just one-tenth of what it was before. Its nearly 80% deduplication rate also provides significant cost savings.”
Performance statistics are based on internal testing and may vary depending on environmental factors and specific configurations.
GLOBAL CIO EXPERTISE, DRIVING INNOVATION FOR PEOPLE AND PLANET
CONSULTING | RESEARCH | ON DEMAND
RESEARCH
INSIGHT & BENCHMARKING
EMERGING TECHNOLOGIES
GOVERNANCE
RISK & COMPLIANCE
CYBER SECURITY
DIGITAL TRANSFORMATION
DEOPS & DIGITAL INFRASTRUCTURE
ERP & CRM
CyberHive joins forces with UAE-based Meerana to develop cyber security solutions to protect against online threats
CyberHive, a leading UK-headquartered global cyber security company with a regional head office in Dubai, has signed a Memorandum of Understanding (MOU) with UAE-based technology Meerana. The strategic collaboration aims to drive technological excellence and ensure a more secure digital future for organisations worldwide.
Facilitated under the sponsorship of Dubai Chambers, CyberHive and Meerana inked the MoU at the most recent Dubai Business Forum in London. With focuses including trade, finance and technology, the invitationonly event saw business leaders and investors strengthen existing ties between the UK and Dubai and forge new relationships by exploring opportunities for collaboration and growth across myriad sectors.
According to the UAE Cyber Security Council’s State of the UAE – Cybersecurity Report 2024, the Emirates is home to at least 155,000 vulnerable assets, with more than 40% of the top vulnerabilities being over five years
old. CyberHive’s cutting-edge solutions offer an essential toolkit for organisations across the full spectrum of industry as they attempt to safeguard themselves and their clients against ever-evolving online threats.
Ben Locke, GCC Distributor, CyberHive, said: “My colleagues and I are thrilled to have entered into this strategic relationship. Having firmly established itself as a leader in developing and implementing smart solutions, Meerana is ideally placed to leverage CyberHive’s comprehensive suite of threat protection modules to provide enhanced security to organisations across the UAE and beyond.
“At CyberHive, we are committed to building partnerships that accelerate innovation and result in simple, secure and performant solutions,” Locke continued. “We look forward to working closely with our counterparts at Meerana to advance cyber security solutions and foster fresh innovation.”
Matar Almehairi, Founder and Chief Executive Officer, Meerana, said: “Through this
MOU with CyberHive, we are advancing our commitment to pioneering innovative cyber resilience solutions. By leveraging cutting-edge technologies and adaptive strategies, we aim to provide robust and future-ready security frameworks for businesses and government entities across the UAE.”
Milestone systems sets new pace, outgrows global VMS market
At Intersec 2025, the Middle East’s flagship security and safety event, Milestone Systems made a resounding statement about the future of datadriven video surveillance and analytics. The Danish video management software (VMS) leader showcased its latest innovations, highlighting the transformative role of artificial intelligence (AI) in redefining safety and operational efficiency across industries.
A Growing Regional Footprint
According to the independent, global analyst company Omdia, Milestone Systems is estimated to be the largest supplier of video management software in the Middle East and Europe.
The Middle East, a region investing heavily in smart cities and large-scale infrastructure, has proven fertile ground for Milestone’s ambitious
growth. The company has consistently outpaced the average growth rate of 8-9% in the VMS sector, driven by heightened demand for robust and intelligent surveillance solutions.
“We are proud to participate for the 15th time in Intersec 2025, as a security leader in the transformation of the Middle East towards smart cities.” said Louise Bou Rached, Regional Director of META at Milestone Systems “Our strategy is to strengthen partnerships with integrators, resellers, and endusers to drive growth and innovation and simultaneously expand our presence in the MENA region.”
Milestone’s plans include strategically bolstering its UAE operations and Saudi Arabia’s rapidly growing market, where smart city initiatives like NEOM signal tremendous potential.
Louise Bou Rached, Regional Director of META at Milestone Systems
Kenan Abu Ltaif as regional lead for the Middle East and Turkey
Proofpoint Appoints Kenan Abu Ltaif as Regional Lead for the Middle East and Turkey
Proofpoint, announced the appointment of Kenan Abu Ltaif as Regional Lead for the Middle East and Turkey. With almost three decades of leadership experience in the IT industry, the cybersecurity expert will continue to drive Proofpoint's expansion in the region.
In his new role, Abu Ltaif will be responsible for managing the business operations in the region, acquiring new customers, developing the high-performing local team and driving innovation and growth in the market. This new appointment underscores Proofpoint's ongoing commitment to investing in a high-growth region that is strategically important to the company.
Abu Ltaif brings more than 28 years of leadership experience in the IT industry. Having held key roles at global leaders such as Cisco AppDynamics, Citrix, Symantec, McAfee, and NCR, he has consistently demonstrated expertise in driving results and fostering growth.
As the cyber threat landscape in the Middle East continues to evolve, human error remains the top concern for CISOs in the UAE, with 76% citing this as their biggest vulnerability, according to Proofpoint’s 2024 Voice of the CISO Report. But while regional security leaders in the region are concerned about cyberattacks, they are demonstrating increasing confidence in their ability to defend against them: 56% of CISOs in the UAE feel prepared to cope with a cyberattack, an increase from 51% last year. The majority (89%) are looking to deploy AI-powered capabilities to help protect against human error and advanced human-centered cyber threats.
“Organizations in the UAE face a rapidly evolving threat landscape and our main objective over the coming years is to continue protecting companies in the region, with innovative, AI-powered solutions,” said Emile Abou Saleh, Senior Regional Director, Middle East, Turkey and Africa at Proofpoint. "As we continue to expand in the Middle East, we’re confident Kenan’s impressive track record and vision will be invaluable as we advance our goal to deliver humancentric cybersecurity to more organizations in this dynamic market.”
CrowdStrike launches Insider Risk Services to combat insider threats
CrowdStrike today launched CrowdStrike Insider Risk Services, a comprehensive set of offerings designed to help organizations detect and prevent insider threats from negligent employees, malicious insiders and sophisticated adversaries. With CrowdStrike’s new services, organizations can proactively address vulnerabilities, strengthen defenses and mitigate insider risks before they escalate.
The total average cost of activities to resolve insider threats over a 12-month period has risen to $16.2 million, highlighting the impact insider incidents can have on an organization. Insider threats have evolved to include both adversaries posing as legitimate employees to exploit trust and infiltrate environments, as well as internal employees compromising security through negligence or malicious intent. Despite these challenges, many organizations still lack a formal insider risk program, leaving critical gaps in their defenses.
CrowdStrike Insider Risk Services empowers organizations to proactively identify and mitigate insider risks before they escalate. By combining the industry-leading threat detection and response capabilities of the CrowdStrike Falcon® cybersecurity platform with advanced threat intelligence, threat hunting, tailored assessments, program reviews and expert-led incident response, CrowdStrike delivers multi-layered defense strategies that set the standard for insider risk management.
CrowdStrike’s intelligence-driven approach recently uncovered tactics used by the DPRKnexus adversary FAMOUS CHOLLIMA, a prolific insider threat group that infiltrated over 200 U.S. technology companies by disguising malicious activities as legitimate employment – highlighting the critical need for proactive defenses against insider risks.
What are the biggest cybersecurity challenges organizations will face by 2025?
In. 2025, organizations will be confronted by a cybersecurity risk surface shaped by advanced threats, growing complexity, and attack vectors using identity-based attacks and malware-less (lay of the land) infiltration. The bulk of these will be AI-driven cyberattacks that will outpace human response capabilities, with threat actors leveraging generative AI to create more sophisticated phishing campaigns, spoof human interaction with deepfakes, and create reliable exploits to vulnerabilities faster. The proliferation of Internet of Things (IoT) devices, and targeted attacks on Operation Technology (OT) will expand attack surfaces, making critical infrastructure and industrial systems prime targets. The bulk of these attacks will be attributed to nation states and organized crime syndicates looking to capitalize on global agendas and extortion via ransomware. All in all, many of these incidents will be conducted via supply chain attacks, as adversaries exploit interconnected ecosystems to breach organizations
BeyondTrust
MOREY HABER Chief Security Advisor at BeyondTrust
indirectly. While the primary entry points will continue to be social engineering using new AI techniques, the lateral movement between organizations will take focus in 2025, combining all of these predictions.
How do you see the threat landscape evolving with emerging technologies like AI and quantum computing?
With the rise of quantum computing, and advancements in chips like Google Willow, an existential threat to traditional encryption methods will lead to difficult and costly discussions on how to implement quantumresistant algorithms in sensitive systems from governments through the financial sector. The cyber skills gap in these emerging disciplines will leave organizations under-resourced, stressed for expertise, and invite regulatory scrutiny in subsequent years.
If you could give one piece of advice to businesses preparing for 2025, what would it be?
As a response to these threats mentioned above, organizations must prioritize adaptive security frameworks, integrate AI defenses, and foster a culture of cyber resilience with education, training, and the removal of excessive technical debt. Collaboration across industries will also be vital to counter supply chain attacks and manage these threats targeting employees, contractors, and vendors, regardless of where they work and how they access corporate resources.
What are the biggest cybersecurity challenges organizations will face by 2025?
Cybercriminals today are leveraging AI to create advanced phishing schemes, automate attacks, and bypass traditional security measures, outpacing many organizations' defensive capabilities. One of the most significant challenges will be combating AI-driven cyberattacks.
The expansion of the attack surface is another critical concern. As organizations adopt IoT, cloud platforms, and remote work solutions, the number of entry points for cyberattacks grows exponentially. Securing these interconnected systems and ensuring seamless integration with existing infrastructure will be a daunting task.
The rise of ransomware-as-a-service (RaaS) further complicates the landscape. These pre-packaged ransomware tools lower the barrier to entry for cybercriminals, leading to more frequent and damaging attacks. Organizations must invest in robust recovery plans and
SentinelOne
MERIAM ELOUAZZANI
Senior Regional Director, META, SentinelOne
proactive threat detection to minimize disruption.
Data privacy and compliance will also remain a challenge, with new regulations and escalating consumer demands for transparency. Organizations must adapt quickly to global and regional data protection laws while safeguarding sensitive information against breaches. Finally, the cybersecurity talent shortage will persist, making it harder to build and retain skilled teams. Automation, AI-powered solutions, and upskilling initiatives will be crucial to addressing this gap.
How do you see the threat landscape evolving with emerging technologies like AI and quantum computing?
Emerging technologies like AI and quantum computing are reshaping the cybersecurity threat landscape, creating both new risks and opportunities. AI, for instance, is a double-edged sword. While it enhances threat detection and response capabilities, it also empowers attackers to execute more sophisticated and targeted attacks. AI-driven tools can automate phishing campaigns, generate deepfakes for social engineering, and even evade traditional security mechanisms through adaptive techniques.
Quantum computing represents a seismic shift in cybersecurity. Once fully realized, quantum computers could break widely used encryption algorithms like RSA and ECC, rendering much of today’s cryptographic infrastructure obsolete. This poses a significant risk for industries reliant on secure communication, such as finance, healthcare, and defense. To counteract this, organizations must start preparing for post-quantum cryptography, adopting algorithms resistant to quantum decryption capabilities.
The combination of these technologies could also lead to AI-guided quantum attacks, where AI identifies vulnerabilities while quantum computing exploits them at unprecedented speed. Additionally, as these technologies become more accessible, the democratization of advanced tools could lead to an increase in cybercrime by less skilled actors. To address these challenges, organizations must focus on innovation in AI-based defense mechanisms, invest in quantum-safe encryption, and collaborate with governments and academia.
What are some innovative cybersecurity solutions you foresee becoming mainstream by 2025?
By 2025, leveraging hyperautomation and AI, autonomous SOCs will enable continuous, real-time threat detection and response with
minimal human intervention. These systems use adaptive learning to counter evolving cyberattacks, significantly reducing response times and operational costs.
AI-SIEM platforms will also dominate as they provide enhanced threat detection, rootcause analysis, and anomaly detection with unparalleled precision. These systems will help security teams focus on high-priority risks while reducing alert fatigue.
With quantum computing on the horizon, quantum-resistant encryption will become vital. PQC algorithms will secure sensitive data against decryption by quantum computers, ensuring long-term data protection.
As hybrid work persists, ZTNA will replace traditional VPNs, offering secure access based on continuous identity verification and context-aware policies.
If you could give one piece of advice to businesses preparing for 2025, what would it be?
I would tell professionals to “Adopt a proactive, resilience-first approach to cybersecurity.”
In the next year and beyond, the pace of technological advancements and the sophistication of cyber threats will demand businesses to rethink their strategies. Rather than reacting to incidents, organizations must focus on building cyber resilience - the ability to anticipate, withstand, and rapidly recover from cyberattacks.
This begins with embracing zero-trust principles. Assume every device, user, and application is untrustworthy until verified. Implement robust identity and access management, continuous monitoring, and least-privilege policies to minimize risks.
Invest in automation and AI-driven tools to enhance threat detection, response, and recovery processes. Autonomous SOCs, AI-SIEM platforms, and extended detection and response (XDR) solutions can streamline operations, enabling faster and more effective mitigation of threats.
Prepare for the quantum era by adopting post-quantum cryptography to safeguard data against future decryption risks. Similarly, ensure compliance with evolving data protection regulations, particularly as privacy laws continue to expand globally.
Finally, prioritize employee training and foster a culture of cybersecurity awareness. The human factor remains one of the weakest links in security; empowering teams with knowledge and tools will significantly reduce vulnerabilities.
What are the biggest cybersecurity challenges organizations will face by 2025?
Unfortunately, 2025 is likely to be more of the same, with the threats from cyberattacks continuing to rise. While it’s easy to focus on the growing sophistication of AI-powered cyberattacks, ransomware, and the expanding attack surface as businesses embrace digital transformation, I believe the biggest challenge organizations face is optimism bias and complacency. It’s human nature to think "it won’t happen to me," and many businesses fall into this mindset. Despite numerous studies showing that cyberattacks and data breaches are the top risks for organizations, many of these same businesses fail to implement proper policies, invest in secure technologies, or provide adequate training for staff.
Cybersecurity needs to be embedded in the DNA of an organization, not just left to those directly responsible for it. While there are
AXIS COMMUNICATIONS
STEVEN KENNY
Architect & Engineering Program Manager – EMEA at Axis Communications
excellent examples of organizations that have gotten this right, they remain the minority. The hope is that regulations like the NIS2 Directive will make a difference, but the true benefits will likely take time to materialize. Ultimately, organizations must move beyond a reactive mindset and take proactive, comprehensive steps to address cybersecurity risks at every level.
How do you see the threat landscape evolving with emerging technologies like AI and quantum computing?
Emerging technologies like AI and quantum computing have the potential to significantly reshape the cybersecurity landscape. AI will be a double-edged sword. While it will enable security systems to proactively detect threats, attackers will also use it to automate and enhance their strategies, making cyberattacks faster and harder to defend against. In addition to traditional cyberattacks, AI will also be used for scams, such as deepfake, that trick businesses into transferring funds or intellectual property.
As for quantum computing, the vast majority including myself, are still in the early stages of understanding its full capabilities. We know that quantum computing will bring both new opportunities and challenges, particularly for encryption. Traditional cryptographic methods may become obsolete in the face of quantum powered threats, making legacy systems even more vulnerable than they are today. One area of concern is brute force attacks, where increased computing power can both enhance attacks and improve encryption
methods. The key challenge will be ensuring that businesses invest in cybersecurity at the same pace as malicious actors. While quantum computing holds immense potential, its high costs likely mean that only state sponsored actors or large organized crime syndicates will likely have access to this today. However, those with more traditional high end computing systems could eventually gain access to similar capabilities, and these attackers are vast in numbers, even if their motivations might be different to state sponsored actors. This makes it critical for businesses to adapt rapidly to this evolving landscape. As with all technologies, in the right hands, these innovations can benefit society, but in the wrong hands, they can cause significant damage. The ethical boundaries of bad actors make this a dangerous reality to consider.
What are some innovative cybersecurity solutions you foresee becoming mainstream by 2025?
By 2025, several innovative cybersecurity solutions are expected to become mainstream. AI powered threat detection and response systems will allow organizations to identify and mitigate risks in real-time, enabling quicker, more effective responses to emerging threats. Zero Trust Architecture (ZTA) will be widely adopted, moving away from traditional perimeter-based security toward a model that continuously verifies the identity of users and devices, assuming no one is inherently trustworthy. Blockchain technology, initially known for its use in cryptocurrencies, will increasingly be leveraged for cybersecurity,
offering tamper-proof records for securing sensitive data, authentication, and IoT devices, ensuring integrity and reducing vulnerabilities. And finally, cybersecurity automation will play a critical role in bridging the skill gap by streamlining processes like threat hunting, vulnerability scanning, and patch management. Solutions like Security Orchestration, Automation, and Response (SOAR) platforms will allow for faster incident analysis and predefined responses, minimizing damage. Additionally, advanced biometrics, including behavioral biometrics and multi-modal authentication, will enhance security by going beyond traditional methods like fingerprints, providing more robust and reliable authentication.
If you could give one piece of advice to businesses preparing for 2025, what would it be?
My advice would be to adopt a proactive cybersecurity mindset and make it a core part of your organizational culture. Don’t wait for a breach to occur before taking action. Cybersecurity should be an ongoing, evolving priority. Regularly assess and reassess risks, invest in the right technologies, and ensure your employees are continuously trained and aware of emerging threats.
As technology evolves, so do the tactics of cybercriminals. Emerging technologies like AI and quantum computing are already reshaping the threat landscape. AI will empower organizations to detect threats more effectively, but it will also be leveraged by attackers to create more sophisticated, automated cyberattacks. AI driven scams, such as deepfakes, will further complicate defences, tricking businesses into transferring funds or intellectual property. Meanwhile, quantum computing holds the potential to challenge traditional encryption methods, putting older systems and legacy infrastructure at greater risk.
Businesses must stay ahead of these changes by investing in advanced cybersecurity measures and adapting to new technological capabilities. Protecting against quantum powered threats, implementing AI-driven security tools, and transitioning to more secure encryption methods will be crucial. But beyond technology, cybersecurity needs to be integrated into the DNA of your organization—it’s not just an IT issue, but a business wide concern. By fostering a culture of security and staying proactive, you’ll be better prepared to face the evolving threats of 2025 and beyond.
What are the biggest cybersecurity challenges organizations will face by 2025?
By 2025, organizations will face critical challenges driven by the growing complexity of cyber threats and operational environments. Securing hybrid IT-OT systems will be a major hurdle, as traditional separation between these environments diminishes, and attackers exploit integration points. The proliferation of IoT devices will expand the attack surface, making it harder to manage vulnerabilities and monitor network activity. Compliance with evolving regulations, especially in critical sectors such as energy and healthcare, will demand significant resources and expertise. Moreover, ransomware and supply chain attacks will continue to evolve, targeting weaker links in global supply chains and disrupting operations. Organizations must also contend with limited cybersecurity talent, which adds pressure to deploy automated, scalable solutions. To overcome these challenges, companies need to adopt advanced tools, like AI-driven risk management and threat detection, and implement holistic security strategies that emphasize real-time visibility, resilience, and collaboration across IT and OT teams.
How do you see the threat landscape evolving with emerging technologies like AI and quantum computing?
AI is set to significantly transform the threat landscape by 2025. On the offensive side, cybercriminals are increasingly using AI to automate and enhance their attacks. AI-driven phishing campaigns can craft highly convincing messages based on behavioral data, while AI-powered malware can adapt in real-time to evade detection. Attackers may also leverage generative AI to create new vulnerabilities or manipulate systems through deceptive tactics. On the defensive side, AI offers immense potential to counteract these threats. AI-driven cybersecurity solutions enable faster, more accurate threat detection by analyzing vast amounts of data in realtime, identifying anomalies, and predicting potential risks before they materialize. Automated incident response capabilities reduce reaction times and mitigate damage from breaches. AI is also proving invaluable in securing IoT environments, where managing billions of connected devices is infeasible without intelligent automation. As AI becomes a double-edged
NOZOMI NETWORKS
KHALID ALJAMED VP for KSA, Nozomi Networks
sword in cybersecurity, organizations must embrace it strategically, using advanced tools and practices to stay ahead of AI-powered adversaries.
What are some innovative cybersecurity solutions you foresee becoming mainstream by 2025?
By 2025, several innovative cybersecurity solutions will become mainstream, driven by the need for more adaptive and proactive security measures. Adoption of AI-powered platforms will increase significantly with capabilities like predictive threat intelligence, advanced risk scoring, real-time anomaly detection and automated responses to evolving attacks. Zero Trust architectures, emphasizing strict identity verification and micro-segmentation, will see greater adoption as organizations prioritize secure access control across hybrid IT-OT environments. Additionally, edge computing security solutions will address the unique risks posed by IoT devices and remote assets, providing localized protection closer to data sources.
If you could give one piece of advice to businesses preparing for 2025, what would it be?
The best advice for businesses preparing for 2025 is to adopt a proactive, integrated approach to cybersecurity. Start by aligning IT and OT security strategies, breaking down silos to create a unified strategy that addresses vulnerabilities across all environments. Equally important is fostering a culture of cybersecurity awareness— ensure employees at all levels understand the risks and know how to identify and respond to potential threats. Stay informed about emerging technologies like quantum computing and begin transitioning to quantum-resistant encryption methods where feasible.
What are the biggest cybersecurity challenges organizations will face by 2025?
Cyberthreats evolve constantly, and every year brings a surge in incidents as organizations accelerate their digital transformation efforts. In 2024, the cybersecurity landscape became more challenging, largely due to a shortage of skilled professionals to counteract increasingly sophisticated attackers.
Ransomware remains one of the most prevalent threats, with industries such as supply chain, finance, and healthcare as prime targets. Cyber attackers employ advanced techniques to exploit networks, identifying vulnerabilities that allow them to inject malicious code and seize control. The widespread adoption of IoT systems has also expanded the attack surface, providing hackers with new entry points to exploit. Fortunately, organizations are leveraging AI-driven security solutions to automate repetitive tasks such as anomaly detection, which humans might overlook, especially in complex environments. For instance, financial institutions are using AI to identify fraudulent transactions within vast networks of legitimate ones.
How do you see the threat landscape evolving with emerging technologies like AI and quantum computing?
The adoption of AI across industries has surged, unlocking numerous use cases. While AI offers significant advantages in threat detection, it also presents opportunities for malicious actors. Cybercriminals can weaponize AI to create malware or execute sophisticated phishing campaigns, often bypassing traditional security systems by outsmarting AI defenses. The advent of quantum computing poses an even greater threat. In the wrong hands, quantum computing could dismantle encryption protocols, exposing sensitive business information to theft, manipulation, or ransom. Additionally, generative AI has shown the potential to undermine privacy and security by creating convincing deepfakes or fraudulent identities, which can be misused in verification processes or reputation-damaging schemes.
To navigate these emerging challenges, businesses must exercise caution and adopt robust cybersecurity measures. Partnering with trusted integrators like us can ensure they stay ahead in this ever-changing landscape.
CLOUD BOX TECHNOLOGIES
BIJU UNNI Vice President at Cloud Box Technologies
What are some innovative cybersecurity solutions you foresee becoming mainstream by 2025?
Several innovative solutions are expected to redefine cybersecurity practices, addressing current and emerging threats.
AI-Driven Threat Detection and Response Systems leverage AI to identify anomalies and take preventive measures before threats escalate. Secure Access Service Edge is a revolutionary solution for organizations with distributed workforces, SASE seamlessly integrates network and security functions to provide end-to-end protection.
Also, as credential theft continues to be a major risk, passwordless solutions will reduce vulnerabilities by replacing traditional authentication methods with biometrics and other advanced techniques. Additionally, blockchain’s tamper-proof nature ensures data integrity during transactions, making it a reliable option for secure and immutable record-keeping.
If you could give one piece of advice to businesses preparing for 2025, what would it be?
Vigilance is paramount in the rapidly evolving cybersecurity landscape. Businesses must prioritize safeguarding their data, employees, and customers by adopting a proactive approach to cybersecurity.
Implementing a Zero Trust Framework is a critical step. This model assumes all users and devices are untrusted until verified, ensuring thorough authentication before granting access. Regular training sessions, both in-house and with external experts, can equip employees to recognize and respond to threats such as phishing.
What are the biggest cybersecurity challenges organizations will face by 2025?
As highlighted in the 2025 Cyber Threat Landscape Predictions, organizations should brace for more sophisticated data-theft techniques, such as evolving QR code phishing scams, formjacking, and malicious browser extensions, which target sensitive payment and personal information. Moreover, credential stuffing and Man-inthe-Middle (MitM) attacks will challenge traditional protections, with attackers even capturing two-factor authentication (2FA) tokens.
The exponential growth of IoT devices will also introduce new vulnerabilities, allowing attackers to exploit these connected endpoints.
A particular concern is the rise of Living-off-the-Land (LOL) attacks, where cybercriminals bypass traditional defenses by leveraging native system tools, making detection extremely challenging, especially in Operational Technology (OT) environments.
On a larger scale, supply chain attacks will intensify as attackers infiltrate third-party suppliers to compromise larger organizations. The accessibility of AI tools will make these attacks more affordable, enabling infostealers to target digital identities and authentication data. State-sponsored actors are expected to exploit these vulnerabilities to penetrate high-profile targets, underscoring the persistent nature of these threats.
How do you see the threat landscape evolving with emerging technologies like AI and quantum computing?
AI's role in cybersecurity will evolve significantly. AI-driven attacks will enable adversaries to create highly convincing phishing and spearphishing campaigns while automating attack processes. Advanced tactics, such as deepfake content, will complicate verification processes, allowing attackers to spread disinformation and manipulate victims more effectively. Moreover, AI-powered cyber warfare could dramatically increase the speed and scale of attacks, especially against critical infrastructure.
On the defensive side, organizations must adopt AI-powered security solutions to counteract these threats. Simultaneously, the emergence of quantum computing introduces new cryptographic challenges, necessitating a rapid transition to quantum-resistant algorithms to ensure data security.
ACRONIS
SANTIAGO PONTIROLI
Lead Security Researcher, Acronis Threat Research Unit
What are some innovative cybersecurity solutions you foresee becoming mainstream by 2025?
By 2025, we can expect widespread adoption of behavioral-based and machine-learningbased anomaly detection systems, replacing traditional signature-based approaches. Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) will play critical roles in detecting and responding to advanced threats.
Additionally, the need for quantum-resistant cryptographic algorithms will become more urgent as quantum computing advances. Organizations will need to transition quickly to ensure resilience against future decryption capabilities enabled by quantum technology.
If you could give one piece of advice to businesses preparing for 2025, what would it be?
The implementation of Zero-Trust Architecture should be a top priority. This involves enforcing least-privilege access, robust identity verification, multi-factor authentication, and environment segmentation to minimize lateral movement in case of a breach. Businesses must also deploy resilient cybersecurity solutions, such as EDR/XDR, paired with comprehensive business continuity and disaster recovery plans that include safely stored backups. Additionally, businesses must stay vigilant against AI-supported disinformation campaigns, enhancing their verification processes to detect hyper-realistic content. Keeping pace with the evolving threat landscape requires proactive investments in both technology and human expertise.
What are the biggest cybersecurity challenges organizations will face by 2025?
With the evolving range of cyberattacks and ransomware attacks that have been polished with the help of emerging technologies like AI and ML, there remains a need to counter against such threats by elevating current security measures and cyberspace. AI in cybersecurity will see more traction in 2025 as traditional cybersecurity measures have been unable to cope up with sophisticated, AI-powered cyberattacks. Investment in AI technology for leveling up cyber defenses will be crucial.
With the range of cyberthreats that has evolved over recent years, cybersecurity will not be restricted to just the top organisational level of employees, it will be managed at all levels of the workforce. Each employee would play a key role in helping the organisation guard against any external threat. However, providing continuous training and cybersecurity engagement activities and equipping employees with the right know-how and self-servicing tools for it remains an obstacle.
How do you see the threat landscape evolving with emerging technologies like AI and quantum computing?
Emergent technologies like AI and ML have disrupted almost every industry sector ever since its recent boom and rapid adoption. With the rapid growth of AI and ML usage into day-to-day operations, it has also presented itself as a double-edged sword with newer evolving cyberattacks, ransomware attacks making use of these emergent technologies. The number of cyberattacks in the region and across the globe has been rising constantly with the adoption of such emergent technologies to enhance their attack capabilities. The threat landscape is only going to widen and grow with the advancements made in emergent technologies. AI-driven threats will also see more spikes, thus bringing more attention towards the need for inculcating AI in cybersecurity measures.
What are some innovative cybersecurity solutions you foresee becoming mainstream by 2025?
With the rise in emergent technologies, organisations have started catering
ManageEngine
RAJESH GANESAN President, ManageEngine
towards the need to upgrade and strengthen cyber defenses with AI and ML capabilities. AI in cybersecurity will see a lot more traction in 2025 considering the spike in cyberthreats that is led by AI-driven threats which has resulted in enhanced phishing threats, deepfakes and targeted misinformation and in exploiting vulnerabilities. Investments in AI for cyber defenses will be a key trend to become mainstream in 2025.
If you could give one piece of advice to businesses preparing for 2025, what would it be?
Modern-day organisations should now focus towards an outcome-driven IT strategy. IT leaders will need to clearly demonstrate the value generated by their IT investments or risk shrinking budgets. While dashboards provide metrics that point to the operational performance of technology, they don’t always present a clear case for the business benefits derived. That clarity can be gained by aligning IT with not only operational efficiency but also with business velocity and opportunity costs. In 2025, CIOs need to closely focus on KPIs and metrics that provide a direct link to the business outcomes that depend on them.
What are the biggest cybersecurity challenges organizations will face by 2025?
AI will enable bad actors to do what they have always done, but faster. Just like defenders, they will use AI to automate software development and expedite the analysis of reams of data to discover plausible vulnerabilities and select and execute exploits.
On the flip side, we can expect significant improvements in operational and capital efficiency for defenders, as AI continues to automate routine tasks and streamline processes. This will free security practitioners to focus on more complex challenges, particularly those involving “irreducible uncertainty” — situations where the risk cannot be fully understood through empirical data.
As the deterministic aspects of cybersecurity are automated, the role of experts will increasingly shift toward decision-making in uncertain scenarios. AI will aid in modeling these risks, but the effectiveness of these models will heavily depend on the expertise and assumptions of the security professionals using them. This means that while AI will enhance analytical capabilities, the human element will remain critical in interpreting data and making informed choices among plausible alternatives. Security professionals will continue to play a vital role in navigating complexities and uncertainties, underscoring the importance of their expertise in the evolving landscape of AI-driven cybersecurity.
What are some innovative cybersecurity solutions you foresee becoming mainstream by 2025?
Measuring risk is a core capability, not a product. As cybersecurity maturity grows, the integration of financial metrics with technical security data will become critical. The industry calls this “cyber-risk quantification” (CRQ), but I call it cybersecurity risk management. You can’t extract quantitative measurement from the broader domain of cybersecurity risk management — they are one and the same. The good news is that the majority of CISOs will have CRQ capabilities in 2025 — in part or wholly integrated into their cybersecurity risk management programs.
QUALYS
RICHARD SEIERSEN Chief Risk Technology Officer, Qualys
If you could give one piece of advice to businesses preparing for 2025, what would it be?
While several regional enterprises are looking for the next best AI solution in an effort to fight fire with fire, I am reminded of the famous Alphonse Karr quote, “The more things change, the more they stay the same.” As such, a better question is, “What do businesses stand to lose (i.e. what is the value at risk) from AI abuse and misuse?” And what portion of this risk can be addressed with current security capabilities? For example, is securing an AI agent from threats like spoofing, tampering, information disclosure, denial of service, or escalation of privileges actually novel? Does it require new investments to build up a dedicated “AI” security stack? Similarly, consider that AI models consist of open-source and first-party code deployed on premises, in the cloud, or both. Infrastructure, software-pipeline, and supply-chain security practices still apply. So again, the question is, do we really need a complete security rethink?
My recommendation is that security teams proactively address these evolving threats by developing robust threat models and establishing guardrails — essentially, “secure by default” solutions. Ultimately, the key challenge lies in balancing the desire for rapid digital transformation with the imperative of safeguarding enterprise assets against potential AI-related abuses.
What are the biggest cybersecurity challenges organizations will face by 2025?
In 2025, we see the cybersecurity landscape being shaped by increasing sophistication in cyberattacks and evolving compliance pressures. One key challenge will be the need for robust disaster recovery capabilities, with companies leaning heavily on Disaster Recovery as a Service (DRaaS) solutions. This shift is driven by the sheer complexity of managing disaster recovery internally, combined with the rising volume and intensity of cyber threats. Organizations will also grapple with the growing interdependence between security and their diverse, hybrid IT environments, which span on-premises systems, virtualized workloads, and multi-cloud platforms.
How do you see the threat landscape evolving with emerging technologies like AI and quantum computing?
The rise of AI has brought both opportunities and challenges. While AI offers transformative potential, many organizations are starting to experience the reality of its limitations. Unrealistic expectations around AI’s capabilities will give way to a more focused and rigorous approach to implementation. For quantum computing, the potential to disrupt current encryption standards will push businesses to rethink their data protection strategies. These technologies will require organizations to balance optimism with practical readiness, ensuring they have the infrastructure and expertise to adapt to this evolving landscape.
What are some innovative cybersecurity solutions you foresee becoming mainstream by 2025?
DRaaS will be a game-changer for many companies, offering a practical way to outsource complex recovery processes with clear service level agreements. Additionally, the standardization of service layers across hybrid and multi-cloud environments will become essential, helping organizations reduce cost, complexity, and risk. There’s also growing recognition of the need to address data waste, with companies developing strategies to identify and manage redundant or single-use data. These innovations are paving the way for more sustainable and resilient approaches to cybersecurity and data management.
NetApp
WALID ISSA
Senior
Manager,
PreSales and Solutions EngineersMiddle East & Africa, NetApp
For quantum computing, the potential to disrupt current encryption standards will push businesses to rethink their data protection strategies. These technologies will require organizations to balance optimism with practical readiness, ensuring they have the infrastructure and expertise to adapt to this evolving landscape.
If you could give one piece of advice to businesses preparing for 2025, what would it be?
The best advice is to plan for resilience— both in technology and strategy. Focus on simplifying and standardizing your IT environment, especially as your workloads expand across multi-cloud and on-premises platforms. Don’t underestimate the importance of disaster recovery; invest in scalable solutions like DRaaS to protect your operations from disruptions. Lastly, tackle data management head-on. As data volumes grow, adopt a sustainable approach to eliminate waste and optimize what you store. Preparation is key to navigating the challenges and opportunities that 2025 will bring.
What are the biggest cybersecurity challenges organizations will face by 2025?
By 2025, organizations will face a variety of escalating cybersecurity challenges. One of the biggest will be the increasing sophistication of cyberattacks. Threats like AI-driven phishing, deepfakes, and advanced social engineering will make it harder to detect and defend against attacks. The growing adoption of IoT, 5G, and remote work technologies will significantly expand the attack surface, leaving more endpoints vulnerable. Data privacy and compliance will also become more complex, with evolving regulations like GDPR and CCPA. Let’s not forget the ongoing cybersecurity talent shortage, which will push businesses to lean more heavily on automation and AI to manage security tasks.
How do you see the threat landscape evolving with emerging technologies like AI and quantum computing?
Emerging technologies like AI and quantum computing will both enhance and challenge cybersecurity in new ways. On the AI front, while it offers incredible potential for improving threat detection and automating response times, cybercriminals will also use AI to create more adaptive, harder-todetect attacks. This will make it even harder to stay one step ahead. Quantum computing presents a more existential risk—its ability to break current encryption methods means organizations will need to adopt quantum-safe cryptography sooner rather than later. However, quantum computing also holds promise for improving defensive capabilities, enabling faster analysis of threats and the creation of stronger, more secure protocols.
What are some innovative cybersecurity solutions you foresee becoming mainstream by 2025?
By 2025, several advanced cybersecurity solutions will become critical for organizations. One of the biggest trends will be the widespread adoption of Zero Trust architectures. This security model, which assumes no device or file can be trusted is essential as environments continue to grow. AI-driven security operations will also become indispensable, helping to automate threat detection, analysis, and response. With the increasing complexity of cyber threats, AI will enable businesses to quickly identify and mitigate risks,
OPSWAT
RAMI NEHME
Regional Sales Director, UAE, South Gulf, Levant & Pakistan at OPSWAT
However, quantum computing also holds promise for improving defensive capabilities, enabling faster analysis of threats and the creation of stronger, more secure protocols.
ensuring faster and more efficient incident response, particularly in the face of emerging and zero-day threats.
If you could give one piece of advice to businesses preparing for 2025, what would it be?
Adopt a proactive, integrated cybersecurity strategy and stay adaptable. Cybersecurity is not a one-time investment or a static process—it needs to continuously evolve to keep up with emerging threats. Businesses must invest in advanced technologies like AI, automation, and Zero Trust frameworks to stay ahead of cybercriminals. But it’s equally important to foster a security-first mindset across the organization. Security can’t just be an IT responsibility; it needs to be embedded in every aspect of the business. The key to success in 2025 and beyond will be to remain agile, proactive, and collaborative in the fight against cyber threats. By doing so, organizations can not only defend against the evolving threat landscape but also leverage these emerging technologies to drive business growth and innovation, securely.
What are the biggest cybersecurity challenges organizations will face by 2025?
Cybersecurity challenges will evolve to become even more complex. Threat actors are becoming more specialized, especially in the early stages of attacks, focusing on reconnaissance and weaponization. Cybercrime-as-a-Service (CaaS) is expanding, making advanced tools like phishing kits and automated hacking solutions widely available, even to less skilled attackers. The increasing reliance on multi-cloud environments also introduces more vulnerabilities, creating a larger attack surface for cybercriminals. What’s particularly concerning is the convergence of physical and digital threats, where cyberattacks are paired with real-life intimidation tactics targeting executives and employees.
How do you see the threat landscape evolving with emerging technologies like AI and quantum computing?
The use of AI and quantum computing is transforming the threat landscape. Cybercriminals are already using AI to automate reconnaissance and streamline phishing attacks, and this trend will only grow. On the flip side, AI offers promise for real-time threat detection and response. Quantum computing, while still in its early stages, could disrupt traditional encryption methods, making it crucial for businesses to adopt post-quantum cryptography to protect sensitive data. These technologies highlight the need for businesses to stay ahead of the curve and rethink their cybersecurity strategies.
What are some innovative cybersecurity solutions you foresee becoming mainstream by 2025?
As cloud adoption continues to rise, expect to see more sophisticated tools designed to secure hybrid and multi-cloud environments. On top of that, behavioral analytics powered by machine learning will continue to become even more mainstream, enabling organizations to detect and stop attacks based on anomalies in user behavior. Anti-adversary frameworks will also play a crucial role, with businesses, governments, and security providers collaborating to stay ahead of attackers.
FORTINET
ALAIN PENEL
Vice President – Middle East, Turkey and CIS, Fortinet
The increasing reliance on multicloud environments also introduces more vulnerabilities, creating a larger attack surface for cybercriminals. What’s particularly concerning is the convergence of physical and digital threats, where cyberattacks are paired with real-life intimidation tactics targeting executives and employees.
If you could give one piece of advice to businesses preparing for 2025, what would it be?
My advice would be to think beyond just technology and build a culture of cybersecurity within your organization. Cybersecurity isn’t just the responsibility of IT teams anymore. Businesses need enterprise-wide security awareness, regular training, and robust incident response plans if they want to give themselves the best possible chance of thwarting cyberattacks. Collaborating with industry peers and participating in public-private partnerships can also make a big difference. The key is to stay proactive and to anticipate, not just react to emerging threats.
Building a secure digital foundation
How GHC combines digital innovation and cybersecurity leadership
Global Healthcare Company (GHC) is one of the fastestgrowing companies in the healthcare and beauty sectors in the Kingdom of Saudi Arabia. Founded in 2008, the company introduced a unique concept of combining health and beauty shops in one location.
GHC operates two distinct brands in the market. The first is Whites, a well-known brand specializing in beauty and healthcare products. The second is Kunooz, which focuses on the pharmaceutical industry.
Additionally, GHC complements its operations with a wholesale division, the National Distribution Company (NDC), which manages various brands. NDC primarily imports a wide range of products from overseas and distributes them within the Saudi market.
Currently, GHC operates 120 stores across more than 20 cities in the Kingdom of Saudi Arabia and employs over 1,000 staff members.
Cybersecurity is a cornerstone of GHC's digital transformation journey. “Especially in the retail business, there are many initiatives that need to be implemented to stay up-to-date with the rapid pace of market transformation. We must respond quickly to market changes and evolving customer needs,” says Majed Shahin, CTO of GHC.
for all critical data and systems,” Majed explains.
This level of automation, powered by AI and business intelligence, is a major advantage of Secureworks' solutions,”
As part of its digital transformation, GHC initially focused on building a secure foundation for its IT infrastructure. This included selecting the right ERP system, point-of-sale system, and e-commerce platform. Once the foundation was established, GHC integrated tools to enhance customer engagement, such as loyalty programs, CRM systems, and automated marketing tools. Currently, GHC is building upon this foundation by integrating advanced tools and technologies that enable quicker responses to market changes while enhancing customer engagement. GHC began its cybersecurity transformation with an assessment, which was followed by a phased implementation of recommendations. “We started with the initial stage, focusing on basic security measures such as firewalls, antivirus software, and enforcing strong passwords
Following this, GHC moved to the next stage, risk awareness. In this phase, the company developed security policies, trained employees, and raised awareness about the importance of cybersecurity. “We emphasized that cybersecurity is not just a cost but a business enabler,” Majed notes. The company then advanced to the transformation phase, also known as the integrated security stage. Here, cybersecurity became an integral part of GHC’s overall strategy and culture. Advanced threat protection and detection tools, including EDR and XDR, were implemented during this phase. “This is not the end of the journey,” Majed stresses. “Cybersecurity is a continuous process—it requires ongoing improvements to stay ahead of evolving threats.”
A key highlight of GHC’s cybersecurity transformation was its partnership with Secureworks. “We searched for an advanced tool for threat detection, protection, and response. After evaluating several options, we selected Secureworks for its XDR and MDR offerings,” says Majed. Secureworks stood out for its comprehensive solutions, which include advanced threat detection, real-time intelligence, and rapid incident response. “Their end-to-end protection covers endpoints, servers, networks, and even cloud environments,” Majed added. Another decisive factor was the business intelligence embedded in Secureworks' tools, which significantly reduced the workload for GHC’s cybersecurity team by automating detection and response processes.
MAJED SHAHIN
10 predictions for Managed Service Providers in 2025
Gaidar Magdanurov, President of Acronis, highlights the trends that will define the future of the MSP industry.
As we look to the future of the Managed Service Providers (MSPs) landscape in 2025, this specialized group of IT and tech professionals will likely face a pivotal moment. We are noticing a crossroads where the convergence of rapid digital transformation and increasingly complex customer expectations will present both challenges and opportunities. As organizations continue to grapple with stringent cybersecurity standards along with the adoption of IoT and cloud services, MSPs must not only navigate these challenges but also harness them as catalysts for growth.
By proactively adapting to their clients’ evolving needs, MSPs can enhance operational efficiency, forge stronger relationships, and ultimately transform potential hurdles into pathways for innovation and success. To remain competitive, it is imperative that MSPs keep pace and lead the charge in a world where adaptability is crucial to attracting and retaining customers.
With this in mind, here are the key trends that I believe will shape the MSP industry in 2025.
AI-driven Automation Sets New Standard
AI-driven automation has become a foundational element of modern cybersecurity practices, setting an industry standard to prevent evolving threats. AI is used for
predictive maintenance, patch management, vulnerability assessments, and phishing simulations. Further, AI automates ticket processing through preset responses, chatbots, and automatic actions. MSPs are increasingly leveraging AI to monitor suspicious behavior, automate responses to cyber threats, and prevent malicious actions.
Implement Zero Trust
The Zero Trust model will emerge as the default approach for network security, fundamentally reshaping how organizations manage user access and safeguard IT resources. This shift stems from the realization that traditional perimeterbased security models are no longer sufficient to address the complexities and threats of modern digital environments. MSPs need to integrate Zero Trust principles into their service offerings to enable them to provide robust and scalable solutions to meet client needs and regulatory requirements.
Master Multi-Cloud Adoption
With multi-cloud adoption on the rise and expected to grow through 2025, most MSPs will need to manage multiple cloud environments to optimize cost and performance. As multi-cloud strategies become essential to modern IT infrastructure, MSPs already support multi-cloud as part of their service portfolios. In 2025, this support will no longer
be a nice-to-have but a necessity as it continues to trend as a critical component of today’s IT infrastructure.
Harness Integrated Cybersecurity Platforms Integrated cybersecurity platforms
GAIDAR MAGDANUROV President, Acronis
are essential components of modern organizational strategies, reflecting a shift in how businesses view cybersecurity. Rather than operating as standalone solutions, cybersecurity is now interconnected with business continuity and endpoint management. This holistic approach ensures that organizations can defend against threats and maintain operational resilience in the face of disruptions. In 2025, MSPs must offer comprehensive, integrated security solutions to position themselves as
to stay competitive. MSPs specialize in industries based on compliance requirements and specialized software and requirements. As compliance regulations become more complex, MSPs often need more talent to support multiple industries and must choose specific verticals where they can offer the best value. To remain competitive, MSPs should also consider investing in ongoing training and skill development, ensuring their staff and IT technicians are well-equipped to deliver
critical partners in supporting clients’ longterm resilience and cybersecurity maturity.
IoT Management Becomes Essential
Beyond standard endpoints, MSPs must account for Internet of Things (IoT) devices. While IoT technology enhances operational efficiency and enables innovative solutions, they are also targets for attackers as they can be leveraged as penetration points. For MSPs, IoT management and security protocols must be implemented to ensure protection across all connected devices.
Embrace Verticalization and Training
Competition between MSPs is intensifying. Before COVID, most MSPs primarily served clients within their local area. However, during and after COVID, even the smallest MSPs began offering services to remote customers across state lines and even internationally. This expanded reach, paired with the rise of remote work, means MSPs must differentiate their offerings
For MSPs, IoT management and security protocols must be implemented to ensure protection across all connected devices.
specialized service for different verticals and regions.
Support the Remote Workforce
The shift toward remote-first and remoteonly work environments is becoming permanent in the corporate landscape. MSPs and corporate IT professionals must adapt their strategies, tools, and methodologies to effectively support this evolving workforce while balancing convenience and productivity with cybersecurity and regulatory requirements.
Everything as a Service Trends
The concept of "Everything as a Service" (XaaS) is rapidly gaining traction across various sectors, fundamentally reshaping how businesses consume technology and services. This model extends beyond traditional software and infrastructure to encompass many services, including data storage, cybersecurity, backup, applications, and consulting. MSPs must adapt to the subscription service offering to match customer demand.
Predictive Analytics Growth
Predictive analytics is already a growing trend and is expected to become more critical in 2025 as MSPs seek to leverage vast amounts of data. With AI and data collection technology advancements, businesses can now analyze historical and real-time data to forecast future trends, behaviors, and outcomes. This shift is fundamentally transforming decision-making processes across various industries. However, the protection of data used in AI processing is becoming critical, as cyber attackers may manipulate AI-driven decisions by modifying the data AI relies on for training or execution.
Rising Importance of Energy Efficiency
The availability of electrical power for data centers running complex AI workloads is becoming a concern, as energy efficiency directly impacts a company’s ability to perform complex computational tasks. As a result, more clients will begin seeking energy savings solutions. For MSPs, this serves as an opportunity to offer services that help customers improve energy use in data centers by optimizing workloads and consulting on sustainable practices to become a valuable partner in managing both operational costs and environmental impact.
Navigating today’s cloud security challenges
Vince Hwang, VP, Cloud Security, Fortinet, shares insights from the 2025 State of Cloud Security report.
Cloud adoption lies at the heart of digital transformation, providing organizations with the agility and flexibility they need to stay competitive in today’s rapidly changing marketplace. Competing in a digital-first economy requires developing personalized customer experiences, embracing a more prominent work-from-anywhere (WFA) strategy, streamlining workflows, and optimizing distributed operations for greater efficiency and scalability. However, while the power of the cloud certainly enables enterprises to quickly adapt to today’s evolving demands, it also introduces unique challenges that security teams must recognize and manage. These include safeguarding sensitive data, ensuring regulatory compliance, and maintaining visibility and control across increasingly complex hybrid and multi-cloud environments.
The release of the 2025 State of Cloud Security Report, sponsored by Fortinet and produced by Cybersecurity Insiders, provides a comprehensive analysis of the latest trends, challenges, and strategies shaping cloud security. Based on insights from over 800 cybersecurity professionals across industries and geographies, this report reveals what’s driving hybrid and multicloud adoption, the evolving challenges organizations face, and actionable steps for securing these dynamic environments.
Many organizations navigating the challenges of cloud adoption recognize the importance of safeguarding their cloud-based initiatives. As a result, they are significantly increasing their cloud security investments in the coming year. They are channeling their resources to address critical security gaps, ensure compliance, and overcome technical complexities. This blog examines some key findings from the 2025 State of Cloud Security Report, including how businesses worldwide are harnessing the cloud and how their security teams respond to cloud-related threats. It highlights the challenges companies face as they navigate their cloud adoption journey.
Cloud Adoption Trends: Hybrid and Multi-Cloud Dominate
Cloud adoption continues to redefine IT operations, with hybrid and multi-cloud models emerging as the leading strategies for most organizations. According to the report, 82% of surveyed organizations now leverage cloud environments to achieve greater scalability, flexibility, and resilience. To that end, hybrid cloud adoption has risen to 54%, enabling organizations to integrate their on-premises systems with public cloud platforms. This approach lets organizations optimize the deployment of their applications based on their needs, striking a balance between control and
compliance. For instance, IT teams can use public clouds for customerfacing applications while keeping sensitive data safe in their private environments.
Cloud Security Challenges
While cloud adoption offers substantial benefits, it also brings significant security challenges, with 61% of respondents reporting that security and compliance concerns are their top barriers to cloud adoption. Misconfigurations, regulatory non-compliance, and data breaches are among the most pressing issues identified, especially as hybrid and multicloud environments expand. For
VINCE HWANG
VP, Cloud Security, Fortinet
instance, healthcare providers migrating patient records to the cloud must comply with HIPAA regulations while safeguarding sensitive information.
Compounding these challenges is the cybersecurity skills gap. A staggering 76% of organizations report a shortage of cloud security expertise and people resources, limiting their ability to deploy and manage comprehensive security solutions. This shortage not only underscores the need for targeted training and upskilling to bridge the gap but also to rethink cloud deployment strategies to reduce complexity and increase security effectiveness.
that offered by Fortinet, should deliver comprehensive 360-degree defense-indepth protection and comprehensive visibility to help organizations fully understand their cloud environment, better operationalize their environment, and increase security effectiveness—all while reducing complexity.
Additionally, it should offer integrated capabilities like Cloud Security Posture Management (CSPM), Code Security, and Cloud Infrastructure Entitlement Management, such as those provided in Fortinet’s Lacework FortiCNAPP Cloud Native Application Protection Platforms
This is even more critical when considering another critical weakness highlighted by the 2025 Cloud Security Report: real-time threat detection. Only 36% of respondents expressed confidence in their organization’s ability to detect and respond to threats in their cloud environments. This lack of confidence highlights vulnerabilities in current architectures, especially in complex hybrid and multi-cloud setups.
Unified Cloud Security Platforms: A Key Solution
The 2025 State of Cloud Security Report emphasizes implementing a unified cloud security platform strategy to tackle these challenges. An overwhelming 97% of respondents prefer centralized solutions that simplify policy management, enhance visibility, and ensure consistent enforcement across diverse environments. As a result, organizations are urged to invest in acquiring and deploying a unified cloud platform. An ideal platform, like
(CNAPP) solution. While traditional standalone CSPM tools can identify misconfigurations, such as exposed storage buckets, they lack the ability to actively protect or provide the full visibility and context to amplify weak signals to identify complex threats that may exist within the cloud environment.
Increasing Investment in Cloud Security
On average, cloud security currently accounts for 35% of overall IT security spending, reflecting the growing importance of protecting hybrid and multicloud environments. But with cloud security
97%
An overwhelming 97% of respondents prefer centralized solutions that simplify policy management
now a top priority for organizations, 63% plan to increase their budgets in the next 12 months.
Organizations should evaluate their approaches to cloud security investments, particularly those with Cloud Minimum Spend commitment obligations. They should consider flexible daily-usage licensing programs, such as Fortinet FortiFlex, that offer a broad catalog of solutions, empowering them to readily deploy what they need, quickly scale up, down, in, or out as required, and only pay for actual usage. Additionally, an ideal program should readily allow you to draw down your cloud spend commitment obligations at the same time.
Building a Resilient Cloud Security Posture
The 2025 State of Cloud Security Report underscores the growing complexity of today’s hybrid and multi-cloud environments—and the urgent need for proactive strategies to address their evolving challenges. Critical steps include:
• Adopting unified platforms to simplify policy management and ensure consistency across environments.
• Investing in training to bridge the cybersecurity skills gap.
• Leveraging a cloud-native application protection platform that combines advanced tools like workload protection, configuration management, runtime defense to secure containers, and integrated solutions to enhance threat detection and remediate issues.
• Using end-to-end encryption and automated risk remediation to improve data protection.
In addition, emerging trends—like the integration of AI-driven threat detection, the rise of edge computing, and the increasing emphasis on zero-trust architectures—are set to shape the next wave of cloud security solutions.
The time to prepare for these changes is now. Fortinet’s industry-leading solutions provide the tools and insights today’s organizations need to effectively protect their cloud infrastructure. By reading and implementing the best practices outlined in this report, you can build a more resilient security posture designed to support your innovation while protecting the critical assets you have deployed across your dynamic cloud landscape.
RaaS Groups to watch for in 2025
Halcyon reveals common tactics, techniques, and procedures used by attackers.
The ransomware landscape shifts quickly, as highlighted by the continued rise and fall of various Ransomware-as-a-Service (RaaS) groups. These groups offer tools and infrastructure that enable affiliates to attack. While their tactics are innovative and aggressive, they are inherently unstable, as they experience source code leaks and internal and external disputes.
Halcyon, a dedicated antiransomware platform that uses advanced prevention tools, automated recovery, and enhanced security integrations, has unveiled its list of top RaaS groups and the Tactics, Techniques, and Procedures (TTPs) to watch for in 2025. This is in a bid to help various organizations boost their cybersecurity defenses, especially against attacks carried out by ransomware operators.
Top established RaaS groups
The past years saw the decline of major players like LockBit and BlackCat/ALPHV. But along with it is the emergence of RaaS groups that have swiftly established themselves as huge threats. For 2025, Halcyon identified established RaaS groups to watch for.
l Play is one of the most active and innovative groups in the RaaS space. The group operates with tactics similar to the now-defunct ransomware strains, Hive and
Nokoyawa.
l RansomHub has carried out high-impact attacks since its emergence in early 2024. It sets itself apart from other groups by offering affiliates up to 90% of ransom payments.
l 8Base deploys sophisticated tactics, including double extortion and advanced evasion techniques. It’s believed to be tied to experienced RaaS operators like RansomHouse and the Babuk ransomware builder.
l Qilin, previously known as Agenda, is a RaaS operation that targets both Windows and Linux systems. It’s written in Golang and Rust, the latter of which boasts superior security and crossplatform capabilities.
l BlackSuit is a private ransomware group that targets Windows and Linux systems. It shares similarities with Royal ransomware in terms of code structure and encryption methodology.
l Hunters International only emerged in October 2023 but by 2024, it has already conducted over 130 attacks. Leveraging the codebase from Hive, the group targets industries like healthcare, finance, and manufacturing.
Top emerging RaaS groups
Apart from established RaaS groups, Halcyon also named notable emerging groups to keep on the cyber radar.
l Sarcoma is a group that gained notoriety for its aggressive tactics and data breaches. Instead of listing
Ransom payments offered by RansomHub, which has carried out high-impact attacks since 2024, to affiliate groups.
ransom amounts, it uses data leaks to pressure victims into compliance.
l Fog ransomware has garnered attention with its swift file encryption and ransom demands in Bitcoin. It has since expanded, carrying out more lucrative and highprofile attacks.
l Originally a hacktivist group linked with the Anonymous movement, KillSec launched its RaaS platform in June last year. It earns a 12% commission on each payment.
l Meow Ransomware was first identified in 2022 and re-emerged in 2024. Linked to the Conti v2 variant, it targets U.S. industries handling sensitive data, including healthcare and medical research.
Top TTPs for RaaS Operations
This 2025, ransomware groups are expected to continue using sophisticated tactics, techniques, and procedures (TTPs) to enhance their attacks and evade detection. Social engineering remains a top infection vector. Other common infection vectors for RaaS operators include brute forcing and leveraging stolen RDP and VPN credentials. Halcyon also foresees unpatched vulnerabilities being heavily
exploited.
In 2025, more Linux systems could be targeted by ransomware groups, leveraging these systems’ “always on, always available” nature to establish command and control. Ransomware operators also increasingly use Living-off-the-Land (LotL) techniques to avoid detection. Along with this, these groups develop custom cross-platform payloads and data exfiltration tooling, making data theft a standard in nearly every major operation. Attackers bypass modern security defenses,
such as EPP, EDR, and XDR tools, through advanced techniques like unhooking, blinding, and the deletion of shadow copies or cloud backups.
Additionally, more advanced TTPs, often seen in APT-style operations, are becoming prevalent. These include exploiting zeroday vulnerabilities, employing DLL sideloading, and leveraging payloads written in languages like Rust and Go.
Is the commission earned by KillSec on each payement, which launched its RaaS platform in June last year.
While many ransomware groups still target low-hanging fruit, such as vulnerable applications or poorly defended systems, advanced operators also focus on certain sectors — with high-value sectors such as healthcare, critical infrastructure, manufacturing, and online commerce being prime targets. Additionally, industries with limited cybersecurity resources, such as the education sector and state or local governments, remain vulnerable.
As the ransomware landscape continues to see such shifts, Halcyon remains committed to providing advanced solutions alongside insightful reports. Quarterly, it publishes its Ransomware Malicious Quartile report. This report ranks ransomware groups according to key factors such as attack volume, sophistication, and impact.
Blurring lines
State-aligned APT groups are increasingly deploying ransomware and that’s bad news for everyone, says Phil Muncaster from ESET.
There was a time when the boundary between cybercrime and statealigned threat activity was rather easy to discern. Cybercriminals were fuelled solely by the profit motive. And their counterparts in the government carried out mainly cyberespionage campaigns, plus the occasional destructive attack, to further their employers’ geopolitical goals. However, in recent months, this line has begun to dissolve, including when it comes to ransomware, a trend also noted by ESET’s latest Threat Report. This has potentially major implications for IT and security leaders – not only increasing the risk of attack, but also changing the calculus around how to mitigate that risk.
One could argue that ransomware attacks launched by statesponsored hackers is, in fact, nothing new. In 2017, North Koreaaffiliated operatives are thought to have launched WannaCry (aka WannaCryptor), the first ever global ransomworm. It was only halted after a security researcher stumbled upon and activated a “kill switch” hidden in the malicious code. In the same year, state-sponsored hackers launched the NotPetya campaign against Ukrainian targets, although in this case it was actually destructive malware disguised as ransomware in order to throw investigators off the scent. In 2022, ESET observed
the Russian Sandworm group using ransomware in a similar way: as a data wiper.
The line between state-backed operations and financially motivated crime has been blurring ever since. As we also noted a while back, many dark web vendors sell exploits and malware to state actors, while some governments hire freelance hackers to help with certain operations.
What’s happening today?
However, these trends appear to be accelerating. Specifically in recent past, ESET and others have observed several apparent motives:
Ransomware to fill state coffers
Government hackers are deliberately using ransomware as a money-making tool for the state. This is most obvious in North Korea, where threat groups also target cryptocurrency firms and banks with sophisticated megaheists. In fact, it’s believed they made about $3bn in illicit profits from this activity between 2017 and 2023.
In May 2024, Microsoft observed Pyongyang-aligned Moonstone Sleet deploying custom ransomware dubbed “FakePenny” on the next works of several aerospace and defense organizations, after first stealing sensitive information. “This behavior suggests the actor had objectives for both intelligence gathering and monetization of its access,” it said.
North Korean group Andariel is also suspected to have provided initial access and/or affiliate services to the ransomware group known as Play. That’s because Play ransomware was spotted in a network previously compromised by Andariel.
Making money on the side
Another motive for state involvement in ransomware attacks is to let government hackers earn some money from moonlighting. One example is Iranian group Pioneer Kitten (aka Fox Kitten, UNC757 and Parisite) which has been spotted by the FBI “collaborating directly with ransomware affiliates to enable encryption operations in exchange for a percentage of the ransom payments.”
It worked closely with NoEscape, Ransomhouse, and ALPHV (aka BlackCat) – not only providing initial access, but also helping to lock down victim networks and collaborate on ways to extort
victims.
Throwing investigators off the scent
State-linked APT groups are also using ransomware to cover up the true intent of attacks. This is what the China-aligned ChamelGang (aka CamoFei) is believed to have done in multiple campaigns targeting critical infrastructure organizations in East Asia and India, as well as the US, Russia, Taiwan and Japan. Using the CatB ransomware in this way not only provides cover for these cyber-espionage operations, but also enables operatives to destroy evidence of their data theft.
Does attribution matter?
It’s obvious why government-backed groups are using ransomware. At the very least, it provides them with a useful cover of plausible deniability which can confuse investigators. And in many cases, it does so while increasing state revenue and helping to motivate government-employed hackers who are often little more than poorly paid civil servants. The big question is whether it really matters who is doing the attacking? After all, Microsoft has even uncovered evidence of government
agencies outsourcing work wholesale –although in the case of Storm-2049 (UAC0184 and Aqua Blizzard, no ransomware was involved.
There are two schools of thought here. On the one hand, best practice security advice should still ring true – and be an effective way to build resilience and accelerate incident response—whoever is doing the attacking. In fact, if state-aligned APT groups end up using cybercrime tactics, techniques and procedures (TTPs), this may even benefit network defenders, as these are likely to be easier to detect and
defend against than sophisticated custom tools.
However, there’s also an argument for saying that understanding one’s adversary is the essential first step to managing the threat they pose. This is explained in the 2023 research report, Cyber Attacker Profiling for Risk Analysis Based on Machine Learning: “One of the essential components of cyber security risk analysis is an attacker model definition. The specified attacker model, or attacker profile, affects the results of risk analysis, and further the selection of the security measures for the information system.”
Fighting back
That said, if you don’t know the identity of your adversary, there are still ways to mitigate the impact of their ransomware attacks. Here are 10 best practice steps:
l Tackle social engineering with updated security training and awareness programs
l Ensure accounts are protected with long, strong and unique passwords and multifactor authentication (MFA)
l Segment networks to reduce the “blast area” of attacks and limited lateral movement
l Deploy continuous monitoring (endpoint detection and response or managed detection and response) to identify suspicious behavior early on
l Regular test the effectiveness of security controls, policies and processes to drive continuous improvement
l Deploy advanced vulnerability and patch management tools
Ensure all sensitive assets are protected by multi-layered security software from a reputable supplier, including for desktops, servers and laptops/mobile devices
l Invest in threat intelligence from a trusted partner
l Perform regular backups in line with best practice
l Devise an effective incident response strategy and practice periodically
Of data breaches last year was accounted by organised crime, versus just 5% attributed to nation states.
According to one estimate, organized crime accounted or 60% of data breaches last year, versus just 5% attributed to nation states. But the latter share is growing, and the breaches themselves could have an outsized impact on your organization. Continued awareness and proactive risk management are essential.
Bridging the gap
Khalid Aljamad, VP for KSA at Nozomi Networks, sheds light on the pressing challenges and trends in critical infrastructure security.
What trends and challenges do you observe in the critical infrastructure security sector?
I think one of the biggest challenges is asset management. Even when starting with a cybersecurity strategy, the convergence of technologies across IT, OT, and IoT introduces significant complexity. You end up with a mix of new and old devices—so how do they coexist? How do you manage them?
More importantly, how do you take ownership of these assets when they fall between different departments? This is the most recurring theme and challenge we hear from our customers and partners.
How do you approach protecting OT systems, considering they lack the mature protocols and frameworks that IT systems have?
I think that’s a very good question. To address it, you need to collaborate with traditional automation or OT manufacturers like Emerson, Schneider, GE, Honeywell, and others to understand the primary functions of those systems. When discussing IT, the focus is on information. However, when discussing OT, the focus shifts to operation and the continuity of that process.
From a security perspective, information is not as much of a priority in an OT environment as maintaining operational continuity. Therefore, when we attempt to implement
cybersecurity in such environments, it’s critical to identify and understand the potential risk factors. We must also analyze the operational variables produced by these systems and figure out how to bridge the gap between traditional technologies and modern cybersecurity tools, which are heavily influenced by IT practices. What we’re seeing today is a growing trend among customers and partners toward creating converged IT/OT Security Operations Centers (SOCs). These centers often bring together subject matter experts who either come from an automation background and gain deep cybersecurity knowledge or vice versa—cybersecurity professionals trained to understand OT systems. This cross-disciplinary expertise is essential for effectively managing and securing these environments.
Are you observing any targeted attacks on critical infrastructure, or is it primarily ransomware and similar threats?
I don’t think ransomware is as much of a challenge in OT environments as it is in IT environments. After all, you’re not likely to steal critical information like a turbine’s RPM, right? The information itself doesn’t carry the same level of sensitivity. However, given the geopolitical climate over the past 12 to 13 years, we’ve all heard about major cyberattacks on critical infrastructure. These include attacks on Ukraine’s electrical grid, incidents in the U.S. that compromised gas and water supply lines, and attacks
KHALID ALJAMAD VP for KSA at Nozomi Networks
NEXT-GEN OBSERVABILITY
Go beyond traditional IT monitoring.
Actionable, AI-powered insights across any environment.
targeting refineries and oil companies in Saudi Arabia.
These issues, along with many others, represent a growing and significant challenge in the realm of OT security.
We’re in the age of AI, and it’s a topic everyone is discussing. Do you see AI playing a significant role in the critical infrastructure security?
One of our co-founders has a PhD in AI,
been seen before. AI allows us to detect such attacks by analyzing the behavior of the environment and identifying unusual patterns in the system’s output. This capability is vital for staying ahead of emerging threats and maintaining robust security.
Do you see the skill shortage in this field as one of the biggest challenges? If so, what is Nozomi doing to help build and develop
those skills?
There’s a significant shortage, and it’s a challenge across the board. Even in IT, I think the gap is smaller than it used to be— it’s still a growing pain, but within OT, the gap is much larger. This is partly due to the nature of the field. When training someone to be a cybersecurity expert today, the focus is usually based on IT.
I believe organizations, vendors, and regulatory authorities should play a larger role in advancing OT cybersecurity
and AI and machine learning are core pillars of how our solution is built. I think this is critical—not just because Nozomi is doing it, but because everyone is trying to leverage AI in one form or another. Why is that? When you’re dealing with a power plant, refinery, or smart meter, the volume of information that needs to be processed to identify patterns of an attack is far beyond the comprehension of a human engineer or operator. AI tools are essential for analyzing data and detecting patterns, as they enable us to identify deviations from normal processes and operations. Coincidentally, this approach is also how we can protect against zero-day attacks— attacks that, by definition, have never
AI tools are essential for analyzing data and detecting patterns, as they enable us to identify deviations from normal processes and operations.
specifically, rather than just IT cybersecurity, and in building up the talent pool.
In a nutshell, yes, there is a huge shortage. However, I do believe that Nozomi and our industry peers can play a major role in bridging this gap. There are already initiatives underway to build training labs and collaborate with educational institutions, whether universities or larger organizations, to develop expertise and capabilities. These initiatives aim to train both fresh graduates and professionals transitioning to OT cybersecurity, ensuring they have a solid foundational knowledge to build upon.
5 pillars of customer identity and access management – an indispensable element of success for modern B2C enterprises
The Arab Gulf region is home to a growing number of brands adapting swiftly to meet modern customers' digital-first expectations. This shift means expanding the range of digital touchpoints that connect customers to a brand. In the UAE, for instance, the e-commerce market is projected to reach $17 billion by 2025. To keep pace, regional B2C enterprises need to consider how they'll maintain robust security as customers interact with their brand beyond traditional digital boundaries. A solution to this challenge is becoming clear.
Customer Identity and Access Management (CIAM) brings robust authorization practices to customer interactions, ensuring that high security standards do not compromise system performance. Effective CIAM solutions enable seamless, secure experiences across web, mobile, kiosks, and other digital touchpoints, preserving user experience while safeguarding customer data. CIAM methods can include a range of authentication options—from traditional usernames and passwords to social logins, secure email links, passkeys, multi-factor authentication (MFA), and more.
CIAM is an approach built on five pillars: user onboarding and registration; authentication; authorization and access management; self-service; and integration with systems of record
and business-insight tools. When an organization implements its CIAM strategy with the right balance among the pillars, the result is frictionless, individualized customer experiences.
Let’s take a look at each of these pillars.
1. User onboarding and registration Registration takes curious, anonymous consumers and converts them into established users with names, dates of birth, and more. Bring Your Own Identity (BYOID) allows these new customers to use social identifiers, email addresses, and a variety of other methods for identity verification. E-commerce services like shopping carts, food-delivery, content-streaming, and ride-sharing, can use these methods. But when we cross over into government, financial services, and commercial aviation, the CIAM approach requires validation of government-issued documents like passports, national IDs, and driver’s licenses. In highly regulated industries, organizations must also fulfill Know Your Customer (KYC) obligations and may be required to use biometric verification when identifying a customer.
During registration, the enterprise must also establish a privacy relationship with the customer through terms of service and user consent. At this point, the business can persuade the user to provide zero-party data such as preferences and favorites to further personalize
MALITHI EDIRISINGHE
Director, Architect - Identity and Access Management, WSO2
2. Authentication
Account takeovers, password snooping, password stuffing – avoiding these attack methods calls for robust authentication policies. Single sign-on (SSO) and passwordless logins like email links, mobile OTPs, passkeys, and social logins will enhance the convenience of authentication while also strengthening it. Organizations also have the option of using adaptive authentication, which tailors the factors used to the context of the login. If a user
deliver secure, compliant access.
4. Self-service
The Gulf’s digital natives expect self-service capabilities. And self-service has the added benefit of reducing operational costs. Classic examples of self-service in an effective CIAM environment would include options of recovering lost credentials through a “Forgot password?” link. Such methods allow users to get things done at their own convenience. Self-service can also include managing MFA options (authenticator apps, passkeys, and
authenticates from a new device or location, for example, or after a prolonged period of inactivity. Financial organizations like banks may add an extra layer of authentication if users move from reading their statements to transferring funds.
3. Authorization and access management
Next, we must define privileges. In modern systems, role-based access control (RBAC) and attribute-based access control (ABAC) models have proved too restrictive for granular control over privileges. Instead, relationship-based access control (ReBAC) has emerged. But regardless of control method, authorization in CIAM requires granting permissions that neatly fit the user, application, and device being authenticated. B2C apps may grant permissions based on loyalty tier. Authorization will also apply to third-party applications that need access to user data. Strong authorization can prevent data loss, detect account takeovers, and
$17
Is the estimated e-commerce market in the UAE by 2025 experiences.
so on), security settings, and notification preferences, and viewing and revoking active sessions. The user can also authorize and deauthorize devices. The organization could also give users access to their own activity logs, which would allow them to identify the devices from which they accessed their accounts. This transparency is an excellent way to build trust between the brand and its customers because users can audit their activity and make their own independent decisions based on what they find. The EU’s GDPR mandates self-service features that allow users to view any terms and conditions they have accepted and to download data pertaining to them and opt out of services.
5. Integration with systems of record and business-insight tools
This competency involves embedding customer identity into business processes and tools to facilitate seamless cross-application and cross-workflow interactions. Here, we centralize our CIAM system by eliminating silos in favor of unified identity management. We bridge business properties – all its externalfacing websites and brands.
We also want to integrate CIAM with other repositories of customer information, like customer relationship management (CRM), customer data platforms (CDP), master data management (MDM), and digital experience platforms (DXP). Not only does this enhance the user experience, it also enhances security through contextual information about the customer. By integrating CIAM with businessinsight tools, such as fraud-management systems, you can boost the effectiveness of risk-based authentication and behavioral biometrics.
CIAM pillars and enhanced business outcomes
The five pillars go beyond user satisfaction and compliance. They serve as a turbocharge for operational efficiency when CIAM is integrated with business processes. When data is seamlessly synchronized and support tasks are automated, the need for manual intervention is reduced, which allows the enterprise to divert valuable labor to more strategic areas. Next comes agility and market responsiveness. CIAM has emerged at a pivotal time, addressing the diverse demands of today’s digital landscape. It strengthens the connection between businesses and their customers while meeting regulatory expectations, making it a vital component for success in modern B2C enterprises.
Preparing for a quantum future
Palo Alto Networks predicts 2025 will see organisations pivot to quantum readiness
Palo Alto Networks released its predictions for the cybersecurity industry in EMEA, leading with a call for cyber teams to get a quantum resistant roadmap in place in order to future-proof their organisations from this growing threat, and opportunity. Drawing from insights from Palo Alto Network’s CSO team, as the global cybersecurity leader, Palo Alto Networks details five predictions for what will be shaping the cybersecurity landscape in 2025.
Organisations will tackle the first stages of quantum readiness Quantum computing, quantum risk, and the technology necessary to protect, encrypt, and secure it will move into the mainstream tech discussion. While practical quantum attacks on widely used encryption methods are not yet feasible, they are likely to become possible within the next decade, and so the time for organisations to prepare is now.
In 2024, Chinese researchers successfully broke classic 50-bit RSA encryptions using a quantum annealing computer. Though this is not a case for alarm (RSA uses <2048 bits), it does further exacerbate a sudden and urgent need for quantum-resistant crypto algorithms. In 2025, the race to deploy those algorithms will take on a greater focus for CISOs, particularly in financial services and those protecting critical national infrastructure.
The first step, in the short-term, should be in preparing a short-term QuantumResistant roadmap which would include:
• An assessment of the risk and map of self-developed applications and vendor technologies with Post Quantum Cryptography (PQC) as an immediate requirement.
• A migration strategy to resistant cryptographic and annealing algorithms, taking into account the impacts on hardware resources, introduced latencies (user experience), and maintenance (e.g. key rotations).
• In line with c-suite priorities for 2025, such plans should include a view on how quantum could for the organisation effectively cut energy consumption and carbon emissions by enabling robust, uncertainty-aware control strategies for managing energy-intensive AI workloads.
With this analysis in place, CISOs will be able to debunk any hype around quantum with their boards, detailing what the threat is now, how it will be managed and what the business benefits of doing so might be.
Further predictions from Palo Alto Networks include:
1. Stringent measurement of cyber security efforts become the norm as AI’s impact on cyber attacks deepens: Security professionals should be proactive in establishing for themselves and their teams specific metrics to track against, laddering up to specific key performance indicators (KPIs).
2. Rise of AI co-pilots forces the re-writing of cybersecurity job descriptions: With the rising popularity and sophistication of AI-enabled security co-pilots, from helpful assistants to fully autonomous ‘teammates’, the human job description for every cybersecurity role will need to be re-written in the next year.
3. Cyber’s role in the climate fight - Cyber professionals shoot for the ‘double wins’ of reducing cost and carbon footprint: Organisations must adopt greener practices to minimise the environmental impact of their digital infrastructure - from embracing consolidation to optimising AI models for energy efficiency.
4. Compliance Redefined: Cyber teams pushed to prove ‘Impact’ over ‘Intent’: With the increase in cybersecurity related regulations organisations will need to go beyond written, approved and implemented policies. A growing trend towards providing real-time evidence and assurance to regulators will become a norm.
UAE - 18 FEB KSA - 23 FEB SINGAPORE - 24 OCT INDONESIA - 27 OCT MALAYSIA - 29 OCT INDIA (MUMBAI) - 12 NOV
(BENGALURU) - 14 NOV KENYA - 19 NOV
