ALKHOBAR: As artificial intelligence reshapes industries, it is simultaneously rewriting the rules of cybersecurity, forcing Saudi Arabia to confront new layers of digital risk across its critical sectors.

The Kingdom now faces one of the most aggressive cyberthreat landscapes in the world. Regional data shows Saudi Arabia accounted for 63 percent of all cyber incidents in the Middle East in 2025, with phishing attacks alone surging 22.5 percent in the second quarter — much of it driven by AI-generated emails, deepfake voice scams, and automated phishing tools.

This shift marks a turning point for national security. While Saudi Arabia continues to invest billions in building a world-class cyber ecosystem, experts warn that attackers are evolving faster than defenses can keep pace.

A new era of AI-fueled attacks

Damian Wilk, general manager of Emerging Markets EMEA at Gigamon, said the rise of artificial intelligence has created a double-edged effect for security teams.

“As AI accelerates digital transformation across industries, it’s also inadvertently arming cybercriminals with more advanced tools,” he said. “This dual impact has made data visibility and quality a frontline defense, particularly in hybrid cloud environments.”

Wilk pointed to a recent Gigamon survey of global CISOs, in which 86 percent believe combining packet-level data with metadata is essential to improving their organization’s security posture. Metadata, he added, is emerging as a scalable way to extract insight from expanding data volumes without overwhelming security teams.

n the Middle East, the urgency is especially acute. With critical infrastructure and government networks now prime targets, Wilk said deep observability — the integration of network telemetry and logs — is no longer optional. It has become the backbone of proactive defense and operational resilience.

“As threats grow in speed and complexity, regional stakeholders must rethink their investment priorities,” he added. “The focus should move beyond reactive firewalls and endpoint tools toward data-driven architectures capable of anticipating and preventing attacks before they occur.”

Saudi Arabia’s cyber investments intensify

The Kingdom has steadily scaled its cyber capabilities. In 2023, Saudi Arabia invested SR13.3 billion ($3.55 billion) in cybersecurity, a year-on-year increase of 10.83 percent. Key institutions, including the Saudi Data and AI Authority and the National Cybersecurity Authority, are leading national programs that integrate AI into threat monitoring and workforce development.

These initiatives are part of the broader Vision 2030 agenda, which places digital resilience and AI readiness at the heart of economic diversification. Yet, despite growing awareness, the sophistication of attacks continues to outpace defenses.

The hidden risk inside connected devices

Osama Al-Zoubi, vice president for the Middle East and Africa at Phosphorus Cybersecurity, highlights one of the most overlooked weak points: the XIoT ecosystem — the extended network of IoT, OT, and IIoT devices embedded across industries.

“Billions of unmanaged and often unpatched devices exist within enterprise and industrial environments,” Al-Zoubi said. “These include everything from smart sensors and security cameras to operational technology that controls power grids or production systems. Each one represents a potential entry point for attackers.”

He warned that as Saudi Arabia modernizes infrastructure — from smart cities to energy systems—the number of connected endpoints is skyrocketing. Without a clear inventory and ongoing monitoring of these assets, organizations risk leaving their most critical systems exposed.

“To truly protect the Kingdom’s digital future, cybersecurity strategies must go beyond traditional IT networks,” he said. “XIoT security has to become a national priority, because it’s the layer that quietly powers the modern economy yet remains the easiest to exploit.” 

Proactive defense over passive response

Both experts agree on one central message: visibility is power. Observing data traffic through hybrid clouds and identifying vulnerabilities across connected devices are crucial to effective cybersecurity.

For Saudi Arabia, this means moving from a reactive posture to proactive intelligence. Organizations are urged to adopt continuous monitoring, integrate AI-driven analytics, and align their data security frameworks with national directives from SDAIA and NCA.

Wilk emphasized that the future of cybersecurity lies in predictive visibility — turning network data into actionable intelligence.

“It’s not just about detecting threats but about anticipating them. The more visibility you have into your environment, the faster you can adapt and mitigate risk.”

Al-Zoubi added that public-private collaboration will be key.

“Cybersecurity is no longer an isolated technical function — it’s a shared responsibility between governments, regulators, and the private sector,” he said. “Awareness, investment, and execution must move in sync if we are to stay ahead of AI-enabled adversaries.”

A call to secure the unseen

As Saudi Arabia accelerates toward a data-driven economy, experts stress that awareness alone is not enough. The focus must shift to execution — closing visibility gaps, protecting overlooked devices, and embedding AI into every layer of cyber defense.

In a region where digital transformation is advancing at record speed, the consequences of inaction are no longer theoretical. The Kingdom’s growing reliance on AI, cloud services, and smart infrastructure makes cybersecurity both an economic and national security imperative.

“AI has changed the rules of engagement,” Wilk said. “It’s redefining what it means to defend.”

Al-Zoubi agrees, issuing a stark warning:

“October is Cybersecurity Awareness Month, but for Saudi Arabia, awareness must extend year-round. The devices we ignore today could be the ones that bring tomorrow’s systems down.”