Ray Kafity – Vice President, Middle East, Turkey & Africa at Halcyon, in a conversation with Techitup ME, highlights the growing threat of ransomware, the role of AI in modern attacks, and Halcyon’s real-time recovery capabilities for Middle East enterprises
Can you tell us about Halcyon’s presence at GISEC 2025 and what were the highlights this year?
It’s amazing to see how GISEC has evolved—from just two halls 12 years ago to eight today—which reflects how seriously the cybersecurity landscape is expanding and modernizing. Our spotlight this year is firmly on ransomware resilience. Ransomware remains a critical threat, and organizations are increasingly concerned not just about prevention but also about rapid recovery. At Halcyon, we’re showcasing a resilient ransomware defense platform that allows immediate recovery, ensuring businesses get back on track quickly—because every hour of downtime translates into lost revenue.
What ransomware trends are you observing in 2025, and what are your predictions for the rest of the year?
We’re seeing a surge in ransomware-as-a-service (RaaS) groups—over 250 active groups—collaborating and sharing tools to launch sophisticated attack campaigns. These groups are escalating from double to quadruple extortion tactics, maximizing pressure on victims. In 2023 alone, ransomware profits neared $1 billion, and that number is only expected to grow.
The impact and sophistication of ransomware are increasing. If organizations don’t adopt advanced, AI-driven cybersecurity tools, they face higher risk, longer downtimes, and greater financial losses.
What role is AI playing in modern ransomware threats, and what should organizations watch for?
AI is now a double-edged sword. Attackers are using AI to build faster, more targeted ransomware campaigns. If you’re defending with outdated tools while attackers are using AI, it’s a losing battle. Organizations need to shift to AI-enriched defense platforms that can analyze, correlate, and respond in real-time. Without that, you’re essentially defending against machine guns with a knife.
How is Halcyon helping Middle East organizations strengthen ransomware readiness?
We stand out in two major ways:
- AI Models Trained for Ransomware: We use purpose-built AI models trained on the tools, tactics, and procedures (TTPs) of ransomware groups—especially RaaS actors. This gives us unmatched detection and prevention accuracy.
- Immediate File Recovery: We guarantee that customers won’t need to pay a ransom. Our unique technology allows real-time file recovery, reducing downtime from weeks or months to minutes. If we already have a decryptor in our library, we enable instant recovery. If not, our Ransomware Detection & Response (RDR) team, included with our solution, steps in to help recover the data.
How does Halcyon integrate with existing EDR, XDR, or SIEM platforms?
Halcyon is designed to be complementary, not competitive. We integrate seamlessly with EDR, XDR, and SIEM systems, enhancing their ransomware defense capabilities. Since our Middle East launch in May 2024, we’ve onboarded 12 production customers across sectors like banking, logistics, real estate, and finance—none of whom have reported successful breaches post-deployment.
Globally, we support nearly 500 customers and offer cyber insurance coverage. If a breach does occur and our system can’t automatically recover the data, our warranty kicks in, and our RDR team is deployed for manual mediation and recovery.
