Sultan Mahmood, Chief Security and Privacy Officer at Huawei Gulf North, in conversation with Techitup ME, highlights alignment with national strategies, AI-native security innovations, and emphasizes a call for united industry action against evolving cyber threats
Please tell us about your GISEC 2025 presence. What were the highlights of this year’s participation?
GISEC 2025 has been exceptional from multiple perspectives. The level of engagement over the past days has significantly increased, which I largely attribute to the rapid proliferation of AI technologies over the past year. At Huawei, we are heavily focused on how AI can be strategically integrated to enhance cybersecurity.
Our participation this year centers on showcasing how we’re empowering customers to secure their data and networks, especially by embedding AI within our cloud solutions. This enables businesses to protect their interests, as well as national infrastructure, more effectively. GISEC serves as a valuable platform, bringing together regulators, government entities, vendors, and analysts to collaborate and drive the cybersecurity ecosystem forward.
How is Huawei aligning its cybersecurity strategy with the Gulf’s national cybersecurity agenda?
Our strategy is fully aligned with the Gulf’s national cybersecurity priorities. Huawei’s core philosophy is to serve our customers, and that starts with strict compliance with each country’s regulations and cybersecurity guidelines.
It is paramount that the solutions we introduce to the country fully complies with laws and regulations, as well as the industry’s best practices and standards. We tailor our approach based on each country’s unique needs.
For example, when Qatar hosted the FIFA World Cup in 2022, we supported national efforts with dedicated cybersecurity capabilities. We adapt our support model to each nation’s strategic goals while maintaining a unified commitment: we work for the benefit of the country and its society.
How is Huawei leveraging AI and machine learning to enhance network security offerings?
Huawei has been in the industry for more than 30 years. Huawei has spent a lot of effort in making our solutions very, very secure and we possess a deep understanding of ICT .
While Huawei is primarily an ICT company, we’ve deeply integrated AI into our solutions to enhance security at every layer. Our AI-native and cloud-native development approach means that security capabilities are built into the solution from the ground up, not added as an afterthought.
A prime example is our AI-powered SecMaster solution, a cloud-based system that helps customers manage digital applications with near-perfect efficiency. These AI models are developed in-house and are designed to secure infrastructure intelligently and automatically.
What are the top cybersecurity challenges enterprises in the Gulf are currently facing, and what advice would you offer?
Today’s threats are more sophisticated than ever, ransomware, coordinated attacks, and critical infrastructure disruptions are top concerns, especially for government and public sector organizations.
The most important advice I can give is this: no one should face cybersecurity challenges alone. Collaboration is key. Cybercriminals are working as one team, we must do the same. Governments, vendors, regulators, academia, and enterprises must come together. At Huawei, we firmly believe that cybersecurity must never be compromised by commercial interests. We are committed to open collaboration to defend the industry and society as a whole.
How does Huawei cyber-proof its infrastructure that enterprises rely on across the region?
Huawei’s commitment to cybersecurity spans decades, beginning in 1995 And marked by significant strategic evolutions. Reflecting our dedication to continuous innovation, we have invested USD 171.1 billion in R&D over the past decade, with over 3,000 personnel focused on cybersecurity R&D and 5% of the total R&D spend directly boosting product security. Further, since 2018, we’ve invested over $2 billion in a complete software engineering transformation to embed cybersecurity into every layer of our operations.
We follow a rigorous “security by design” approach and have adopted a zero-trust mindset internally. Our principle is ABC: Assume nothing, believe nobody, Check everything. Cybersecurity is mandatory across all roles, from engineers to C-level executives.
From 2024 onwards, we began extending these capabilities to our partners and customers. This is what we call Cybersecurity 3.0, enabling national and organizational resilience by securing the full value chain. Our goal is to not only lead in secure solutions but to empower an ecosystem of shared cybersecurity responsibility.
