Michael Heering, Head of Marketing EMEA at SANS Institute speaks to Techitup ME at GISEC 2025, highlights rising attacks on critical infrastructure, evolving threats, cloud vulnerabilities, ramps up advanced cybersecurity training and launches a new regional academy to close skills gaps across the Middle East
What cybersecurity trends are you seeing in 2025, and what threats continue to dominate the industry?
At SANS, we recently unveiled our Top Five Emerging Threats at RSA, with a full report to follow later this year. One of the most pressing trends is the rise in ICS and OT-specific malware. We’re seeing threat actors increasingly target industrial control systems and critical infrastructure with more sophisticated and aggressive attacks. The persistent disconnect between IT and OT teams only heightens this risk.
Another major issue is “authority sprawl” or “permission sprawl” in cloud environments. As organizations grow and adopt cloud services more broadly, it’s becoming difficult for security teams to monitor who has access to what, making them more vulnerable to breaches.
AI is also playing a dual role. While governments are working to regulate its use, these regulations can limit how white-hat hackers and internal teams leverage AI. Meanwhile, malicious actors face no such restrictions, giving them an upper hand in innovation and execution.
How is SANS evolving its training programs to address the most urgent cybersecurity skill gaps in the Middle East today?
We’re continuously updating our training portfolio to address emerging threats. As new trends appear, we incorporate those developments into our curriculum and ensure those updated courses are available in the region. In the Middle East, we also partner with organizations like the UAE Cybersecurity Council to help train professionals through live cyber academies that build resilience and practical skills.
Is SANS working with regional governments or universities to help build local cyber talent and readiness?
We currently have strong partnerships with several government entities in the Middle East but not yet with universities. However, we’ve seen great success with university collaborations in the U.S., and we’re actively exploring similar initiatives in EMEA and the Middle East.
Can you tell us about the SANS GISEC Academy? What does it include, and who can attend?
The SANS GISEC Academy is a new initiative designed for cybersecurity professionals with some foundational experience. We’ve brought in three top-certified instructors: Jean-François Maes, an expert in red teaming; Michael Hoffman, a local SANS instructor and ICS malware specialist from Dragos; and Ian Reynolds, who covers cybersecurity essentials, ethical hacking, and incident response. The sessions are fully booked and very well received.
What’s next for SANS in the region? Are any upcoming trainings scheduled in the UAE?
Yes, we have additional training events in the UAE this May, along with sessions across KSA, Oman, and Qatar. Our flagship regional event – SANS Gulf Region – will be held in November in Dubai, featuring over 13 different courses, catering to every level of cybersecurity professional.
