Richard Seiersen , Chief Risk Technology Officer , Qualys , makes six predictions for the Middle East region for the year ahead . ceans of clouds , containers ,

As 2025 dawns , the CISO must question the status quo and ask themselves how things need to change in the coming year . Is AI a risk that requires a new security strategy ? Could it also be the answer to facing down a threat landscape that is scaling up in terms of both volume and stealth capabilities ? Would AI play the role of traffic cop , analyst , auditor , advisor ? And what of the human factor ? Will AI replace security professionals or augment their efforts ?

As such , a better question is , ‘ What do businesses stand to lose ( i . e . what is the value at risk ) from AI abuse and misuse ?’ And what portion of this risk can be addressed with current security capabilities ? For example , is securing an AI agent from threats like spoofing , tampering , information disclosure , denial of service , or escalation of privileges actually novel ?

Does it require new investments to build up a dedicated ‘ AI ’ security stack ? Similarly , consider that AI models consist of open-source and first-party code deployed on premises , in the cloud , or both . Infrastructure , software-pipeline , and supply-chain security practices still apply . So again , the question is , do we really need a complete security rethink ?

Richard Seiersen , Chief Risk Technology Officer , Qualys

Below , I try to answer some of these questions and others with six predictions that I believe will shape regional cybersecurity in 2025 .

Prediction 1 : The increasing use of AI will not alter the basics of cybersecurity strategies

While several regional enterprises are looking for the next best AI solution in an effort to fight fire with fire , I am reminded of the famous Alphonse Karr quote , “ The more things change , the more they stay the same .”

The CISO must question the status quo and ask themselves how things need to change in the coming year .

My recommendation is that security teams proactively address these evolving threats by developing robust threat models and establishing guardrails – essentially , ‘ secure by default ’ solutions . Ultimately , the key challenge lies in balancing the desire for rapid Digital Transformation with the imperative of safeguarding enterprise assets against potential AI-related abuses .

Prediction 2 : The ‘ human factor ’ will be key to guarding against the increase in hackers leveraging AI for offensive attacks

AI will enable bad actors to do what they have always done , but faster . Just like defenders , they will use AI to automate software development and expedite the analysis of reams of data to discover plausible vulnerabilities and select and execute exploits .

One critical area for improvement lies in addressing human vulnerabilities , often referred to as ‘ layer 8 ’ in cybersecurity . Since humans are easily spoofed , it ’ s essential to implement

WWW . INTELLIGENTCISO . COM 33