As operational technology (OT) cyberattacks skyrocketed by 49% in 2024, targeting critical sectors such as power grids, oil and gas facilities, factories, and transport systems, GISEC Global 2025 is stepping up to address these challenges. The event, currently taking place until May 8th at the Dubai World Trade Centre, has launched a pivotal new OT Security track, marking it as the largest cybersecurity event in the Middle East and Africa.
The OT-focused conference at GISEC Global is tackling evolving risks, system vulnerabilities, and strategies for securing critical infrastructure. Key discussions include the role of AI in ICS/OT Security, the threats posed by quantum computing, and the protection of ICS and SCADA systems, as well as digital supply chains. The presence of top CISOs, CIOs, OT security heads, and policymakers underscores the urgency of fortifying SCADA, ICS, and digital supply chains against increasing cyber threats.
According to Markets and Markets, the global OT security market is projected to double to $44.9 billion by 2029. Research from IBM reveals that the average cost of cyberattacks on organizations in the Middle East is $8.75 million—nearly double the global average. OT security encompasses advanced cybersecurity protocols designed to ensure the integrity, availability, and safety of industrial control systems. As critical infrastructure faces escalating cyber threats, robust OT security becomes essential for maintaining continuity across sectors like oil and gas, manufacturing, energy, transport, and utilities.
In late 2024, ransomware groups intensified their attacks on industrial sectors, with manufacturing, transportation, and ICS operations becoming prime targets. Experts at GISEC Global emphasized that only aggressive defense strategies, intelligence sharing, and cross-sector collaboration can safeguard critical infrastructure into 2025 and beyond. The discussions highlighted the need for modern OT protection, focusing on precision AI and leveraging machine learning, deep learning, and large language models.
Simone Fortin, Global CISO of the Cruise Division at MSC, addressed cybersecurity threats in the maritime industry, where ships can carry up to 10,000 passengers and are increasingly driven autonomously. He called for streamlined regulations that can be universally applied, noting the complexities introduced by varying national regulations. “For an industry like maritime, which is regulated by the UN, it is hard to interpret how to prevent AI threats for something critical like managing a ship,” he explained.
The OT Security Track also spotlighted the escalating IoT/IIoT threats in the oil and gas sector, featuring insights from global CISOs defending some of the world’s most targeted industries. Amal Krishna, Executive Director and CISO at ONGC, stressed the importance of prioritizing asset visibility, network segmentation, and secure remote access. He emphasized that breaking down silos between IT, OT, and engineering teams is equally critical. “Cyber resilience in critical infrastructure isn’t just about technology; it’s about collaboration, continuous monitoring, and a security-first culture,” he stated.
Albert Vartic, Upstream OT Cybersecurity Officer at OMV Petrom, noted that over the next five years, OT cybersecurity in the Middle East’s critical infrastructure will undergo significant evolution. He pointed out that the region’s rapid digitalization has expanded the attack surface, making industrial systems more vulnerable. Proactive measures, such as adopting IEC 62443 standards and fostering cross-team collaboration, will be essential for safeguarding operational resilience.
Exhibitors Ayman Al Issa from CPX and Mohammed Mousa from CyberKnight analyzed the 49% surge in OT attacks, offering actionable defenses for the energy, healthcare, and manufacturing sectors. Mousa, an OT/xIoT Consultant at CyberKnight, warned that legacy OT systems were not designed to withstand today’s threats. “The escalation in intrusions is a consequence of accelerated digital transformation in industrial sectors,” he explained, highlighting the risks associated with integrating IT and OT environments.
To stay ahead of cybercriminals, Al Issa emphasized the importance of conducting risk and threat assessments to identify vulnerable assets and potential attack vectors. “In today’s fast-shifting business landscape, organizations need to focus on identifying their most critical assets—those that are at the highest risk,” he advised. This involves mapping interdependencies and potential attack vectors while using threat intelligence to monitor suspicious activity and manage vulnerabilities.
Amr Elsayed, Regional OT/ICS Cybersecurity Specialist at CyberKnight, echoed the sentiment that technology, collaboration, and workforce training should be key priorities for businesses. He advocated for a Zero Trust approach, enforcing least-privilege access and micro-segmentation to limit breach impact. “Advanced real-time monitoring and threat intelligence sharing are critical for proactive defenses,” he noted, emphasizing the need for accurate OT asset inventories and incident response drills.
As Middle Eastern nations rapidly adopt digitization, the region is becoming a prime target for cyberattacks. However, experts anticipate that a range of measures will be implemented to protect cybersecurity infrastructure. GISEC 2025 could serve as a platform for policymakers and tech giants to draft a comprehensive playbook for the future. Al Issa remarked, “Over the next five years, we can expect a major shift toward structured, regulation-driven cybersecurity approaches.”
Organized by the Dubai World Trade Centre, GISEC Global 2025 is hosted by the UAE Cybersecurity Council under the theme of ‘Securing an AI-Powered Future,’ with support from the Dubai Electronic Security Center (DESC), the UAE Ministry of Interior, and Dubai Police.
