Cyber safety leaders within the Center East are adjusting to a brand new actuality the place synthetic intelligence (AI) is sharpening assaults even because it strengthens defences. Conversations with regional chief info safety officers (CISOs), analysts and suppliers reveal a transparent shift. Social engineering has change into much more convincing, shadow AI is creating fixed dangers, and safety groups are beneath stress to function on the identical velocity because the threats they face.
What has modified most isn’t just the quantity of assaults, however their high quality. The common warning indicators that after helped flag phishing or impersonation makes an attempt have largely disappeared.
Aus Alzubaidi, CISO at MBC Group, factors to an increase in well-written, contextually related spear phishing and deepfake impersonation. Within the area, he says, attackers are already utilizing AI-generated audio and video to impersonate executives and authorise transactions. “What as soon as appeared theoretical is now enjoying out in actual operations,” he says.
That erosion of belief is now being exploited at scale. Roland Daccache, director of gross sales engineering for the Center East and North Africa at CrowdStrike, says AI is accelerating each stage of the assault lifecycle, not simply bettering content material. The corporate’s 2026 world risk report recorded an 89% year-on-year improve in exercise by AI-enabled adversaries.
Osama M. Hijji, group CISO at EFG Holding, says superior persistent risk (APT) teams are utilizing AI to speed up malware growth, mount extra complicated distributed denial of service (DDoS) assaults and launch subtle phishing campaigns. That is leading to social engineering that feels credible, making malicious exercise more durable to detect.
AI’s twin impression on safety
Whereas dangers dominate most conversations, not each safety chief sees AI as a internet adverse. Alzubaidi is obvious on this. “AI helps me as a defender greater than it’s serving to the attackers,” he stated. “That’s my sincere view.”
Triage is quicker, correlation is stronger, and analysts can work at the next degree as soon as AI handles the noise. “If the basics are sturdy, AI makes a very good crew sooner,” he provides.
AI helps me as a defender greater than it’s serving to the attackers Aus Alzubaidi, MBC Group
That upside is already reshaping how safety groups function. There’s rising demand for what Daccache describes as “agentic SOCs” (safety operations centres) wherein analysts oversee fleets of clever brokers that deal with triage, investigation and response. The aim is to function at machine velocity in opposition to AI-driven threats, liberating people to deal with technique and judgement.
However the identical momentum is creating new dangers.
Enterprise items throughout organisations are adopting AI instruments sooner than safety groups can consider them. That is driving a surge in shadow AI, with delicate knowledge stepping into techniques that always lack visibility or management. That is one thing Alzubaidi offers with each day. “A coverage tells folks what they need to do. It doesn’t let you know what they’re truly doing,” he stated.
With out technical controls, monitoring and clear knowledge boundaries, insurance policies provide restricted safety.
Execution gaps are compounding the issue. Nitin Gulia, a Dubai-based IT threat and cyber safety govt, highlights knowledge readiness, legacy system integration, mannequin governance and expert expertise as the most important constraints. Many organisations are nonetheless experimenting with AI in safety somewhat than deploying it at scale, even because the expertise will get embedded throughout their wider operations.
How priorities are shifting
All of that is now seen in how CISOs are setting priorities.
Id has moved to the highest of the record, as stronger impersonation makes it simpler for attackers to log in somewhat than break in. AI governance is not one thing that may be delegated or dealt with via coverage alone. It’s turning into a core CISO accountability. On the identical time, detection and response are being revisited to maintain tempo with quickly evolving risk indicators.
Stronger impersonation makes it simpler for attackers to log in somewhat than break in
Hijji says his organisation is exploring AI-driven id and entry administration techniques that may flag dangerous entry patterns in actual time.
Throughout the area, nevertheless, progress is uneven. Ahmad Shehab, analysis analyst at Counterpoint Analysis, says giant organisations in markets such because the UAE, Saudi Arabia and Qatar are transferring in the direction of a “resilience-first” method, constructing safety into AI initiatives from the outset. Banking continues to steer in cyber safety funding, given its systemic significance.
In lots of different markets, the sample stays the identical. Digital transformation comes first, and safety follows later, typically in response to incidents somewhat than by design.
Shehab highlights gaps in superior abilities, tooling and constant governance as essentially the most seen constraints. Whereas some international locations prioritise knowledge management and AI safety, others stay centered on growth, creating uneven maturity throughout the area.
For Alzubaidi, the distinction comes right down to fundamentals. AI doesn’t repair weak techniques, he argues. It amplifies what’s already there. Sturdy groups get sooner. Weak ones merely make errors extra shortly.
Safety leaders agree that the organisations making progress are these tightening id controls, taking AI governance severely and creating operations that may preserve tempo with trendy threats. Progress is seen, however it’s removed from uniform throughout the area.
