Intelligent CISO Issue 91 | Page 26

Feature

network segmentation, one-way gateways where feasible, strict jump-host patterns and least-privilege remote access.
“Threat actors don’t hack today. They log in,” said Naman Taldar, Regional Lead – OT Cybersecurity, Rockwell Automation, arguing for ruthless control of third-party access and the elimination of exposed RDP gateways that turn OT perimeters into ‘Swiss cheese’.
Even within those constraints, the group urged planned maintenance over catastrophic surprise. Planned downtime, however painful, is cheaper than an uncontrolled outage of a power plant, desalination facility or metro system. Risk quantification makes that visible.
Human factors: the first and last control
Technology cannot compensate for untrained or overconfident users. Social engineering and credential theft remain the root cause of most breaches.
Mercan Yildirim, Founder & CEO – German Cyber-Systems, reminded the room that adversaries exploit empathy and politeness as deftly as software flaws. She advocated making privacy ‘cool again’, with tiered information classification, strict need-to-know and secure communications by default.
Dark Web monitoring for leaked credentials and brand mentions was recommended for larger entities, with the important caveat that not every business can staff or afford deep monitoring in-house.
Several leaders described pragmatic culture programmes: phishing simulations tailored to real-world lures, incentives for vigilant reporting and, crucially, building a ‘human firewall’ that treats false positives as the acceptable cost of catching the one alert that matters.
AI: accelerator for both sides
AI’s prominence at GITEX mirrored its dual role in security.
Defenders are deploying analytics to prioritise alerts across sprawling IoT estates and to spot synthetic voices hitting help desks for password resets. Attackers are using AI to generate bespoke malware and deepfake social engineering at scale. That asymmetry makes resilience planning even more urgent: assume intrusion, limit blast radius and practise clean-room rebuilds of critical services.
Regulation, data residency and collaboration
Regional regulators are moving fast. Data-residency mandates and sectoral standards across the GCC are driving cloud providers to localise and enterprises to inventory data flows. Participants welcomed that momentum but cautioned against unfunded mandates, especially for small financial institutions and FinTechs.
Public-private co-operation featured heavily. Leaders asked authorities to pair requirements with practical playbooks, assessment support and shared testing capabilities. Faster incident-reporting channels and integrated crisis response with national CERTs will harden the whole ecosystem.
Make the business case in the language of the CFO
Budgets dominated the second half of the discussion. The consensus: security leaders win funding when they speak the language of risk and return, not the language of controls.
One CISO shared a failed pitch for Dark Web monitoring that drowned the board in technicalities. Months later he returned with a simple, quantified narrative about revenue protection, reputational risk and competitive advantage. The tool was approved on the spot. Another mapped an investment to a specific sales blocker: ISO 27001 certification reduced friction with global university partners and accelerated deals.