As Middle Eastern countries accelerate digital transformation through smart cities, AI adoption, and giga-projects, cybersecurity threats are evolving faster than defenses can keep up. In an exclusive interview with Abdul Ghaffar Setareh, Group Chief Risk Officer at Zain Group, he paints a stark picture of the region’s cyber battleground: AI-powered ransomware, 300 Gbps DDoS attacks, and hackers exploiting supply chain loopholes to target critical infrastructure.
“AI is no longer just a tool for innovation, it’s a weapon,” says Setareh. “Hackers now use generative AI to craft hyper-targeted phishing campaigns, spread disinformation, and even automate attacks on telecom networks.” Recent incidents, like a 300 Gbps DDoS assault that temporarily crippled a GCC country’s connectivity services, underscore the scale of the challenge. “We once thought 20 Gbps defences were sufficient. Now, attackers deploy 15 times that volume,” he adds.
The human factor remains equally critical. A widening cyber skills gap plagues the region, with ethical hackers and threat analysts in short supply. To counter this, Zain employs “ethical hackers” to scour the dark web for threats targeting the company or its customers. “Collaboration is non-negotiable,” Setareh emphasizes. “Partnerships are crucial in this ecosystem.”
huawei and zain
Defenses against cyber threats are constantly struggling to keep up with the evolving landscape of attacks. Every time a new security measure is implemented, attackers find ways to bypass it within a short period. This ongoing battle highlights the sophistication and adaptability of cybercriminals.
One of the most significant challenges is the exploitation of third-party vendors by ransomware gangs. These attackers target weak links in supply chains, leveraging vulnerabilities in software suppliers, managed service providers, and other third-party entities to breach systems that would otherwise be secure. For example, attacks like the SolarWinds and Kaseya incidents that happened in 2020 and 2021 that impacted many entities across the globe show how hackers can inject malicious code into software updates, affecting thousands of organizations.
Recently, Setareh’s team in coordination with ZainTECH, the group’s specialized ICT arm thwarted an extortion attempt that was unrelated to Zain but aimed at one of its third-party suppliers. This incident underscores how interconnected risks have become in today’s digital ecosystem. The fact that attackers can exploit vulnerabilities in third-party vendors to target customers indirectly shows the complexity and reach of modern cyber threats.
The challenge is compounded by the shortage of skilled cybersecurity professionals and the financial constraints faced by many organizations. As a result, cybersecurity teams often struggle to keep up with the latest threats and technologies, making it difficult to maintain robust defenses against sophisticated attacks.
In this context, collaboration and continuous vigilance are essential. Organizations must work together to share intelligence on emerging threats and implement robust security measures that address both internal vulnerabilities and external risks. This includes enhancing employee awareness, regularly updating software, and ensuring that third-party vendors adhere to stringent security standards. By adopting a proactive and collaborative approach, organizations can better navigate the complex cybersecurity landscape and protect themselves against the ever-evolving threats posed by ransomware and other cyberattacks.
The talent crisis and leadership divide
While Middle Eastern organizations plan to boost cybersecurity budgets by 11% in 2025, Setareh stresses that technology alone isn’t enough. “Awareness is our first line of defence,” he says, detailing Zain and ZainTECH’s weekly employee training, board-level risk briefings, and simulated phishing drills. Still, the region faces a paradox: 77% of Middle Eastern firms raised cyber budgets in 2024, yet 45% lack skilled teams to deploy solutions effectively.
Setareh also highlights a growing rift between executives: “CIOs see AI as a growth engine, while CISOs view it as a possible backdoor for breaches.”
With the Middle East’s cyber threat intelligence market projected to exceed 31 billion USD by 2030, Setareh urges a unified approach. “No company can fight alone,” he says, pointing to Zain and ZainTECH’s partnerships with companies like Huawei and other leading global cybersecurity solutions providers.
As cyber threats grow increasingly complex, the many cybersecurity accreditations Zain Group and ZainTECH have received over the years, reaffirms the company’s role as a trusted partner in digital transformation, delivering innovative, customer-centric solutions while maintaining the highest standards of excellence.
Setareh concluded, “By joining forces with leading global solutions providers, we are not only safeguarding Zain and our 49 million customers from threats, but we are also empowering organizations and government entities across the region to navigate today’s complex cybersecurity landscape while accelerating their digital transformation journeys. Strategic partnerships underscore our shared commitment to improving cybersecurity resilience for organizations of all sizes and sectors in the Middle East.”
Read More from This Article: Cybersecurity under siege: How AI and ransomware are redefining threats in the Middle East
Source: News