The second day of Black Hat MEA in Riyadh noticed 1000’s of cybersecurity specialists, founders, and CISOs collect to dissect a risk horizon that’s shifting by the minute. The occasion, which has turn out to be a focus for the worldwide safety neighborhood, moved past concept into high-pressure intelligence sharing, dwell simulations, and the world’s largest Seize the Flag (CTF) competitors.
Discussions throughout the Govt Summit and Briefing phases centered on the realities shaping 2026: the speedy growth of assault surfaces, the affect of AI on determination cycles, and the fragility of provide chains.
AI as crucial infrastructure
A recurring theme was the pivotal function of synthetic intelligence in each protection and assault. Anne Marie Zettlemoyer of the Nationwide Safety Institute delivered a stark evaluation of the panorama.
“The methods we defend and the pace at which we defend them have modified extra previously couple of years than within the earlier twenty,” she stated, emphasising that AI has transitioned from an rising concept to “our subsequent crucial infrastructure.”
Zettlemoyer challenged the attendees to cleared the path in defining accountable AI safety. “Black Hat is not only a convention, it’s a gathering of probably the most succesful strategic and highly effective minds wherever on the earth. If anybody can outline accountable AI safety, it’s this neighborhood.”
Management in a digital tsunami
Charles Forte, director common and CIO on the UK Ministry of Defence, used a ‘Browsing the Digital Tsunami’ analogy to explain the problem of management when threats outpace mapping capabilities. He outlined three priorities for an organised response: disciplined processes, new funding in AI-era defence, and rigorous scrutiny of provide chains equal to that of inside methods.
The dialog additionally turned to the evolving function of the CISO. Derek Cheng, CISO at Deliveroo, led a session on the ‘CISO Maturity Mannequin’, exploring how safety leaders can transition from technical operators to high-impact decision-makers who form danger agendas on the board degree.
Simulating maritime threats
One of many day’s most compelling sensible demonstrations was the Ship Spoofing simulation. Members witnessed how trendy vessel navigation methods could be manipulated by corrupted information streams. The simulation confirmed ships veering off beam in real-time as spoofed coordinates rewrote their route logic, exposing the vulnerability of the maritime transport sector to more and more exact assaults.
Steve Durning, portfolio director of Black Hat MEA at Tahaluf, commented: “The simulations, competitions and hands-on environments are the place concept will get pressure-tested and the place groups uncover what truly holds up towards actual assaults. Riyadh is proving that whenever you put this degree of functionality in a single place, progress accelerates quick.”
The world’s largest CTF
On the coronary heart of the occasion was the Seize the Flag (CTF) competitors, the place 1000’s of specialists engaged in a three-day jeopardy-style match. Testing expertise throughout internet, forensics, reverse engineering, and cryptography, the competitors stays open till the finale, with each remaining problem a possible game-changer.
Working in parallel, the Bug Bounty Cup noticed elite hunters drilling into dwell targets to floor crucial vulnerabilities, pushing the boundaries of moral hacking.
Annabelle Mander, government vp of Tahaluf, added: “Day two confirmed how shortly this neighborhood strikes when the stress is actual. The conversations right here aren’t concept. They’re selections that form nationwide resilience and international safety. Riyadh has turn out to be a spot the place IT leaders evaluate notes, problem assumptions and construct functionality with readability and intent.”
