Building Digital Trust in Saudi Arabia: Insights from Group-IB’s Mohammad Flaifel

With cyber threats growing ever more common and attacks multiplying at an alarming rate, the cybersecurity industry has become the cornerstone of many nations’ digital strategies, chief among them Saudi Arabia, which boasts a thriving tech scene. To discuss these developments, we recently met Mohammad Flaifel, Regional Sales Director for KSA and Türkiye at Group-IB, who spoke with us at Black Hat MEA 2025 and shared his valuable insights on the industry and the region.

How has Vision 2030 reshaped Saudi Arabia’s cybersecurity landscape and market demand?

What has happened in Saudi Arabia has genuinely been a qualitative leap. This is no longer limited to digitalization efforts; it has become a mindset and a fundamental pillar of the country, primarily as the Kingdom works to build a national digital trust ecosystem.

In recent years, both in the Kingdom and across the region, we have seen a marked increase in the number and sophistication of cyberattacks, with a variety of techniques and methods used. We have also seen a tangible change in how companies and institutions in Saudi Arabia deal with these threats: they have not been satisfied with merely protecting themselves, but have moved quickly to get ahead of them and prepare for them before attacks occur.

From your experience, what are the most prominent challenges unique to the Saudi market?

Saudi Arabia is one of the largest and strongest economies in the Middle East, and one of the fastest-growing globally. What we are seeing today is a rapid rise in the level of compliance and regulation in the Kingdom, especially as the regulatory authorities have a high level of awareness in the field of cybersecurity and are currently working to organize frameworks in this area, while ensuring that companies and institutions remain aware, ready, and prepared for any cyber threats.

One of the challenges we see in the Kingdom is the wide-ranging impact that cyberattacks can have. The country is home to a large number of companies in technology, fintech, and banking services, which together form a fertile environment and a potential target for threat actors seeking financial gain. As a result, there is an apparent acceleration in cyber threats targeting the fintech sector in Saudi Arabia.

How is the fintech growth in Saudi Arabia shifting the nature of cyber threats?

There is no doubt that the financial transformation in Saudi Arabia has been enormous in recent years, thanks to its strong economy. Potential fraud scenarios involve social engineering, impersonation, and misuse of digital identities. We are seeing various forms of fraud, including account takeover, multi-channel fraud, fake applications, misuse of leaked identity data, and cross-border fraud networks. Threats are no longer limited to viruses or simple attacks; they have evolved into an organized criminal ecosystem targeting companies.

What are you doing to develop local cybersecurity expertise in Saudi Arabia and the region?

Group-IB has 23 years of experience in cybersecurity and is keen to move from the global to the local. We do not want to bring our services and products to companies; we seek to develop local talent in the countries where we operate through various means.

For example, Group-IB builds partnerships with universities interested in teaching cybersecurity to train students and the younger generation on the most common challenges and techniques in this field.

In addition, we build local capabilities in security operations centers to develop skills and expertise across all aspects, including analysis, data, and cyber threat intelligence. Our efforts are not limited to training only; we also make a point of hiring young people in the Kingdom across the different areas in which we operate.

What advice do you have for business leaders in Saudi Arabia?

Cybersecurity is not an IT project; it is a leadership decision. The entire organization has to be engaged in this domain.

Companies today are moving towards the use of artificial intelligence, which has itself become an entry point for fraud and intrusions. New investments in hardware and software, therefore, need to be aligned with each company’s cybersecurity vision and framework.

All companies are exposed to breaches, but they differ in how they handle and respond to those incidents.