As geopolitical tensions intensify and digital ecosystems become increasingly complex, the nature of cyber threats is undergoing a profound transformation. From AI-driven attacks to the rise of hacktivist campaigns and the weaponization of misinformation, today’s threat landscape is more volatile than ever. In this exclusive interview with Dubai Diaries, Haider Pasha, Chief Security Officer for EMEA & LATAM at Palo Alto Networks, offers a strategic perspective on the evolving cyber battleground, highlighting the critical shifts shaping organizational security and what CISOs across the Middle East must prioritize to stay resilient.
How have cyber threats evolved in recent months, and what are some of the most concerning trends your team has observed globally?
In recent months, cyber threats have been evolving rapidly with a sharp rise in AI-driven attacks, ransomware-as-a-service (RaaS), and supply chain compromises. There has been around 300% increase in cloud credential theft in 2024, driven by AI-powered phishing and zero-day exploits, according to the Unit 42 2025 Cloud Cybersecurity Research.
Nation-state actors are also increasingly targeting critical infrastructure, while deepfake and social engineering attacks are becoming more prevalent. These evolving tactics demand proactive threat intelligence, AI-powered defense, and integrated security to protect against today’s dynamic and fast-changing threat landscape.
What role are hacktivist groups and cybercrime syndicates playing in today’s threat landscape, and how are their methods changing?
Hacktivist groups and cybercrime syndicates are having a big impact on today’s cyber landscape, with attacks that are becoming more coordinated and harder to track. Hacktivists are using cyberattacks to push political agendas such as DDoS attacks or defacing websites. On the other hand, cybercrime syndicates are going after financial gain through ransomware, data breaches, and extortion. Using tools such as AI, automation and encryption, we’re seeing these groups launch faster and more targeted attacks. To stay ahead of these threats, it’s important to be vigilant and ensure there’s strong collaboration across the board.
We’ve seen a rise in attacks targeting critical infrastructure and civilian services. Why are these sectors increasingly vulnerable, and how can organizations build better defenses?
Both of these sectors are becoming more vulnerable as they are high impact targets and often operate with outdated systems and limited security measures. We’re seeing threat actors exploiting this gap, knowing that any disruption can create urgency and chaos. The growing convergence of IT and operational technology also expands the attack surface. To strengthen defenses, organizations need to focus on network segmentation, adopt a zero-trust model, and enhance visibility across systems. It’s also important to invest in threat intelligence, automate response capabilities, and conduct regular risk assessments to stay protected in this evolving landscape.
Can you shed light on how cyber disinformation and psychological operations are being used to influence public perception or disrupt normalcy?
Cyber disinformation and psychological operations are increasingly used to disrupt trust and social stability. At Palo Alto Networks, we’re tracking campaigns that combine fake news, deepfakes, and social media manipulation to influence public perception and amplify division. These operations often support broader geopolitical goals and are difficult to detect. To prevent them, we require a collaborative approach which integrates cybersecurity, threat intelligence, and public awareness to identify and mitigate influence-driven digital threats.
Many cyberattacks now exploit everyday devices and unpatched systems. What should businesses and individuals be doing to reduce their attack surface?
Attackers are targeting everyday devices which are often overlooked such as routers, smart cameras, and even outdated software. To reduce the attack surface, businesses and individuals should prioritize regular updates and implement strong access controls. It’s also important to adopt a zero-trust architecture and use automated security tools to further minimize risk. It’s also important to maintain strong cyber hygiene, including the use of complex passwords and regular updates, to help defend against threats.
With the increasing complexity of attacks, how important is it for organizations to invest in employee cybersecurity training and multi-layered defense strategies?
As attacks grow more complex, investing in employee cybersecurity training and multi-layered defense is essential. We consistently see human error as a leading cause of breaches, and it’s important that organizations not only invest in training and raising awareness, but also in adopting security strategies that include endpoint protection, network segmentation, zero trust principles, and continuous monitoring.
What practical steps can CISOs and IT leaders in the Middle East take today to improve their readiness for digital conflict or large-scale cyber disruptions?
CISOs and IT leaders in the Middle East can take several steps to strengthen their readiness for digital conflict, starting with a clear cyber risk assessment to identify vulnerabilities. It’s also important to implement a zero-trust architecture, enhance visibility across networks, and invest in AI-driven threat detection. We also recommend developing and regularly testing incident response plans, enforce employee training, and engage in regional threat intelligence sharing to stay ahead of emerging threats.
