7 hours ago
Cisco committed to addressing cybersecurity skills gap through its networking academy
CNME Editor Mark Forker spoke to Fady Younes, Managing Director for Cybersecurity at Cisco Middle East, Africa, Türkiye, Romania and CIS, to learn more about the findings of the Cisco 2025 Cybersecurity Readiness Index, what enterprises ultimately need to do in order to both embrace and secure AI into their organisations – and how the Cisco Networking Academy is wholly committed to addressing the talent vacuum that exists in the cybersecurity industry across the region.
Cisco's Cybersecurity Readiness Index covers a broad geographic scope, which inevitably provides a very robust and wide-ranging overview on cybersecurity readiness from a global perspective.
However, for the purpose of this interview, the focus was lasered on the findings that emerged in relation to the UAE.
Fady Younes is one of the most respected cybersecurity practitioners across the Middle East, and as Cisco's Managing Director for all things associated with cybersecurity in the region, there is few better placed to comment on the findings.
Fady began the conversation by highlighting the hype and momentum around AI, but conceded that it is difficult for a lot of enterprises to both adopt AI and secure at the same time.
'Look, we know there is a lot of hype in relation to AI, and especially here in our region. However, while AI brings the promise of new possibilities and boosts organisations' innovation and competitiveness, it also adds layers of complexity and risks to an already complicated security landscape. It's challenging for companies to embrace and secure AI, and both of those things are taking place at an exceptionally fast pace. There is quite clearly a disconnect between the general understanding of the threats posed by AI, and what it takes to secure the organisations against those threats, and this gap poses a critical risk,' said Younes.
Younes highlighted the role Cisco is playing in terms of creating more awareness on the risks posed by AI, and at the same time is proactively investing significantly in education and upskilling.
'Cyber attackers are not standing still, in fact, on the contrary, they're actually, leveraging AI to automate and scale their operations, including phishing, deep fakes, but also other sophisticated attacks that are hard to both predict and prevent. Cisco's approach to bridging the awareness gap, is actually across multiple areas. The first one is about all upskilling and education. The Cisco Networking Academy is committed to training cybersecurity professionals, focusing on AI, cybersecurity, and data science. And those three topics were recently added to enhance and boost our curriculum in the networking academy, which has been which been around for a long time. Our program, is very active in the region, and it is ultimately designed to address the talent shortage and generally improve the understanding of AI related threats across the board,' said Younes.
A term that has been talked about over the last few years, and has been exacerbated of late, is the topic of ethical AI and the need for responsible AI frameworks and regulations – and our conversation pivoted towards that talking point.
'The ethical use of AI is absolutely critical, and this is something that we emphasise greatly at Cisco, through the responsible AI framework, which we helped define. It is incumbent on us to ensure that AI technologies are deployed securely and transparently in order to build trust and to mitigate risks. Now as I mentioned earlier in the conversation, cyber criminals are leveraging AI in their attacks, so with them doing that, we as a leader on the defense side have to counter-attack that because the organisations cannot rely on human scale defense – and that's why Cisco has embedded AI in cybersecurity defense to assist, automate, and augment the capabilities of the SecOps team,' said Younes.
'While AI brings the promise of new possibilities and boosts organisations' innovation and competitiveness, it also adds layers of complexity and risks to an already complicated security landscape.'
He added that Cisco has introduced AI assistance across its entire security portfolio – and highlighted the role played by its Cisco AI Defense product that was launched in January 2025.
'We are introducing AI assistants all across our product and solution stack, and we are empowering the SecOps team by providing them actionable insights through AI to automate their complex workflows, which reducing the time required for incident response. And this will ensure that even less experienced analysts, and we know the scarcity of those, can effectively manage all these AI-driven threats. Our latest innovation, the Cisco AI Defense, is actually purpose built for enterprises to develop, deploy, and secure the AI applications with confidence. It is an end-to-end solution that protects both the development and the use of AI applications, so that enterprise can advance their AI initiatives with confidence, because the last thing we want to do is slow down that AI adoption. However, at the same time, we cannot let them go with all the risks that are associated. In summary, we're safeguarding against the misuse of AI tools, data leakage, and increasingly sophisticated threats, which existing security solutions quite frankly, are clearly not equipped to handle,' said Younes.
One of the most glaring findings from Cisco's Cybersecurity Readiness Index was the talent gap that exists, not only in the UAE, but worldwide.
It isn't a problem that is going to be fixed overnight, but Younes conceded it is a major challenge.
'The talent gap in cybersecurity isn't something new, and it is a very real problem, and it's not something that is going to go away overnight. On the contrary, it is actually increasing, but it's not just an issue specific to the UAE, it's a global problem. To put the challenge into perspective, there are around 4 million cybersecurity professionals needed urgently to plug the talent gap, so that's gives you an indication on the scale of the problem at hand,' said Younes.
87% of those surveyed in the Cisco Cybersecurity Readiness Index identified the shortage of skilled cybersecurity professionals as a major headache for their organisation.
Younes outlined that it wasn't just Cisco's customers feeling the pinch, and that their entire ecosystem of partners and system integrators are dealing with the same issue.
Younes said that in the long-term their Networking Academy will continue to upskill and train millions of people, but in the short term they are focused on leveraging their technologies to support overstretched SecOps teams.
'In the long term the Cisco Networking Academy will train and upskills millions of cybersecurity professionals across the Middle East and Africa region, but more immediately, we're using technology to reduce the pressure on already stretched SecOps teams. As I referred to earlier, Cisco is embedding AI across our entire cyber security portfolio with AI systems, and the objective of that is to simplify the ops team and reducing their work cycles. Most recently at the RSA conference last month, we announced a new innovation around our Cisco XDR offering, which is the extended detection and response solution that is now leveraging Agentic AI, to handle many of the time-consuming repetitive tasks and that used to require deep expertise,' said Younes.
Younes highlighted how their attack storyboard, a visual representation of a cyberattack within their Cisco XDR, or Cisco SecureX platforms was saving SecOps teams weeks in terms of generating reports.
Features like, instant attack verification, automated forensics, and attack storyboard.
'The attack storyboard is very interesting because it demonstrates what exactly happened in chronological order after a cyberattack has occurred in a matter of seconds. They can generate a very detailed report that could have taken the SecOps team weeks to generate Yeah. Ultimately, this will help analysts regardless of their experience level to move quickly from alert to action with confidence, and that not only improves efficiency, but it makes security operations much more accessible. So, while we can continue to close the skills gaps through the networking academy, we can also help address the issue now through our XDR and SecureX platforms,' said Younes.
'The study measures security readiness against five key pillars that are critical for securing the modern organisations against evolving cyber threats.'
The pendulum of the conversation swung back towards the Cisco Cybersecurity Readiness Index.
A comprehensive survey, now in its 3rd year, consisting of 8,000 businesses across 30 global markets.
As Younes explained the index accesses the deployment and maturity of cybersecurity solutions across these global markets.
The survey is broken down into four categories of readiness, which are beginner, formative, progressive and mature.
In terms of the UAE, 30% of organisations have reached a progressive or mature state.
Younes believes that is a healthy figure, but stressed that those numbers are not likely to increase hugely, due to the volatile and dynamic nature of the cybersecurity industry.
'The study measures security readiness against the following key pillars that are critical for securing the modern organisations against evolving cyber threats. The five pillars are identity intelligence, machine trustworthiness, network resilience, cloud reinforcement, and AI fortification. Last year, if we compare the results, and I'm not talking just about the UAE only, but globally. If you compare the results in terms of maturity this year versus last year, then you will see that at the same time, they're investing ad they're consolidating. They're doing the right things, but at the same time, it's not progressing rapidly. You're not going to jump by 10%. Because whist organisations are investing in those new technologies, there are new threats popping up all the time. And this year, in particular, with AI coming into the picture it has made the picture even blurrier,' said Younes.
Younes explained the newest pillar of the Index is the AI fortification layer.
'The AI fortification pillar wasn't there a few years ago, and that's now the fifth pillar. I'll go through each pillar quickly. The identity security framework prioritises identity visibility, adopts a zero trust architecture, and utilises password-less, or multifactor authentication bolstered by AI-driven detections. The second pillar is machine trustworthiness, but it's also promoting the concept of a zero-trust model. And this is where we need to have that model deployed, to diligently verify all users, but also devices. So, the posture of your device, not only your identity is critical, before granting access to networks, and serving as a critical mechanism for ensuring trusted access. The third one is network resilience, and organisations are actually recommended to urgently enhance their network resilience, advancing beyond partial security, implementations to adequately prepare for the challenges posed by the AI era,' said Younes.
Younes stressed the importance of correlating what is happening across all your domains rather than adopting a siloed approach to cybersecurity.
He concluded a brilliant conversation, by touching on the importance of unified cloud security.
'The fourth pillar is unified cloud security, and this is transitioning from the fragmented, to cohesive security strategies that are proactive and AI enhanced, allowing for more efficient management of security across cloud environment. So, this is all about giving the security teams more visibility and control, across the multi-cloud environment, wherever the workloads applications are. The objective has to be the production of a consistent policy across all workloads, regardless of where they reside, be it AWS, or Azure. Finally, the last one is the AI security strategy, and this is about developing a comprehensive security approach that focuses on and secures both the deployment of AI technologies and the underlying models, ensuring reliability and integrity,' said Younes.
