As-salamu alaykum - AI tests Saudi cybersecurity like never before
As-salamu alaykum. AI is changing lots of industries, but it’s also reshaping cybersecurity and creating new digital risks across Saudi Arabia’s key sectors.
The Kingdom now faces a very aggressive cyberthreat environment. Regional data showed Saudi Arabia made up a large share of incidents in the Middle East in 2025, with phishing up sharply in the second quarter - much of it powered by AI-made emails, deepfake voice scams, and automated phishing tools.
This is a serious national security concern. Even though Saudi Arabia keeps investing heavily to build a strong cyber ecosystem, experts warn attackers are using tools that evolve faster than many defenses.
A new wave of AI-driven attacks
Damian Wilk, general manager of Emerging Markets EMEA at Gigamon, pointed out that AI has a double effect for security teams.
“As AI speeds up digital change across industries, it’s also giving cybercriminals more advanced tools,” he said. “That makes data visibility and quality a frontline defense, especially in hybrid cloud setups.”
Wilk referenced a recent Gigamon survey where most CISOs said combining packet-level data with metadata is key to improving security. Metadata is becoming a practical way to get insight from large data volumes without overloading teams.
In the region, the need is urgent. With critical infrastructure and government networks being targeted, deep observability - merging network telemetry and logs - is no longer optional. It’s now central to proactive defense and resilience.
“As threats move faster and get more complex, stakeholders should rethink investment priorities,” he added. “Focus needs to shift from only reactive firewalls and endpoint tools to data-driven designs that can anticipate and stop attacks.”
Saudi Arabia increases cyber investments
The Kingdom has been ramping up capacity. In 2023, Saudi Arabia invested SR13.3 billion (about $3.55 billion) in cybersecurity, an increase from the year before. Bodies like the Saudi Data and AI Authority and the National Cybersecurity Authority are running national programs that bring AI into threat monitoring and workforce training.
These efforts tie into Vision 2030, which puts digital resilience and AI readiness at the center of economic plans. Still, the sophistication of attacks keeps outpacing some defenses.
Hidden risks in connected devices
Osama Al-Zoubi, vice president for the Middle East and Africa at Phosphorus Cybersecurity, warned about a commonly overlooked weak spot: the extended IoT/OT ecosystem - the many smart devices used across industries.
“Billions of unmanaged and often unpatched devices exist in enterprise and industrial settings,” he said. “From smart sensors and security cameras to operational tech that controls power or production, each can be an entry point for attackers.”
As the Kingdom modernizes - smart cities, energy systems, and more - the number of connected endpoints is rising fast. Without clear inventories and continuous monitoring, critical systems can be left exposed.
“To protect the Kingdom’s digital future, cybersecurity must go beyond traditional IT networks,” he said. “XIoT security needs to be a national priority - it quietly powers the modern economy but is easy to exploit.”
From reactive to proactive defense
Both experts stress one main idea: visibility is power. Watching data flow through hybrid clouds and spotting weaknesses across connected devices are crucial steps.
For Saudi Arabia this means shifting from reacting to using proactive intelligence. Organizations should adopt continuous monitoring, AI-driven analytics, and align data security with national directives from SDAIA and NCA.
Wilk said the future lies in predictive visibility - turning network data into actionable intelligence.
• AI now enables deepfake voice calls and automated phishing, making some traditional defenses less effective.
• The Kingdom invested about $3.55 billion in cybersecurity in 2023 - roughly an 10.8% increase year-on-year.
• A large majority of CISOs believe combining packet-level data with metadata strengthens defenses.
“It’s not just about spotting threats but anticipating them. The more visibility you have, the faster you can adapt and reduce risk.”
Al-Zoubi added that public-private cooperation will be essential.
“Cybersecurity isn’t an isolated technical job - it’s a shared responsibility for governments, regulators, and the private sector,” he said. “Awareness, investment, and action must move together to stay ahead of AI-enabled attackers.”
A call to secure the unseen
As Saudi Arabia moves toward a data-driven economy, experts say awareness alone won’t do. The focus must be on execution - closing visibility gaps, protecting overlooked devices, and embedding AI into every layer of defense.
In a region where digital change is happening fast, the cost of doing nothing is real. The Kingdom’s growing use of AI, cloud services, and smart infrastructure makes cybersecurity both an economic and national security priority.
“AI has changed the rules of engagement,” Wilk said. “It’s redefining what defending means.”
Al-Zoubi’s warning was clear: cybersecurity awareness shouldn’t be just a month each year - it must be ongoing. The devices ignored today could be the ones that disrupt systems tomorrow.
Wa alaykum as-salam.
https://www.arabnews.com/node/