UAE: Gen AI causes major setback for cybersecurity in region, expert says
- April 8, 2025
- Posted by: sourceexpert
- Category: Business plans
A cybersecurity leader said on Tuesday that generative artificial intelligence has been a major setback for data security concerns in the Middle East and North Africa regions over the last few years. This will cause businesses to spend more on cybersecurity services in 2025, according to a forecast by a research and advisory firm.
Speaking at a media roundtable, Sam Olyaei, vice president and team manager at Gartner, said that in addition to Gen AI — AI systems that generate content or data — one of this region’s biggest cybersecurity problems is social engineering. Social engineering is when humans use deception and other tactics to gain control of someone’s computer or financial data. The next big concern is data phishing, an attack that tries to steal your personal information, including your money and identity.
Figures by Gartner show that spending on security services in the Mena region is projected to grow 16.6 per cent in 2025, which is driven by cost efficiency, skill shortages, and access to advanced technology.
Olyaei said that the problem with cyber threats becomes greater when organisations want to fast-track their AI technologies to be in line with competitors and put large swaths of data into programmes like ChatGPT, OpenAI, and Microsoft Copilot without a second thought.
“That results in cybersecurity issues. While the business may want to go ahead and be profitable, the CISO (chief information security officer) has the dual responsibility of protecting the business and servicing the business,” Olyaei said.
He added that the cybersecurity leaders of organisations must focus on two things: firstly, CISOs have to enable digital transformation. At the same time, they need to make sure that the business is protected. He said, “The cybersecurity leader has this sort of job of balancing the need to run the business against the need to protect the business.”
The cybersecurity expert said that because a lot of IT security policies are too strict, and many people don’t comply with it. “A vast majority of our clients tell us that they would much rather do the wrong thing by clicking on a link or clicking on a control because that helps them achieve their job a lot quicker than if they were to do the right thing,” he said. Additionally, he said that 75 per cent of technology decisions in organisations are made outside of IT, so the goal would be to empower those people to make the correct decisions in the case of a cyber risk.
“In cybersecurity, we find that there are certain industries, like financial services, that are very mature in the way that they process an organisation,” he said. He compared that with other industries, like manufacturing or oil and gas, which do not have as many appropriate measures in place to tackle cybersecurity. He added that small and medium-sized enterprises (SMEs) suffer from cyberattacks the most because they don’t have the right controls in place.