Have a question? +971 56 404 0503
Financial
AI-Driven Cybersecurity in MENA Banking: Why It’s Time to Rethink Our Defenses
By Omar Mansur, Managing Director – APAC, Codebase Technologies
In an age where digital transformation is moving faster than ever, banks around the Middle East and North Africa (MENA) are forced to confront a growing and increasingly evolving threat: cybercrime and fraud. It’s not just about an increase in the number of incidents; it’s about smarter threats. Nefarious agents are utilizing more complex methods such as leveraging artificial intelligence (AI) to outsmart traditional IT security systems, using everything from deepfake-powered scams to AI-generated phishing campaigns along with social engineering strategies.
In the UAE alone, about 21% of cybersecurity incidents in recent years targeted banks and financial institutions, second only to government entities (Lemos, 2025). With costly breaches on the rise cybersecurity has become a top board-level concern. However globally, 71% of leaders report that small organizations can no longer adequately secure themselves against the growing complexity of cyber risks (WEF, 2025). It’s a high-stakes game and I have personally seen how AI and cybersecurity has taken the spotlight in board meetings and discussion with clients from across the GCC and Levant regions.
This urgency has forced MENA banks to explore AI-driven security solutions that can match the speed and complexity of modern threats, protecting both their customers and their bottom line. The conversation is no longer “if” we need AI-driven defenses—it’s how quickly we can deploy them, and how can we optimize them to adapt to the ever-changing tactics of nefarious agents
Where We Stand
It wasn’t that long ago that Gen AI in banking was mostly used to train and create chatbots for customer support, but this is changing quickly. In the UAE, over 70% of banks have rolled out or upgraded their AI capabilities, and not just to streamline operations, but to actively combat cybercrime (PwC, 2023). Across multiple projects I have seen an overarching focus on AI being incorporated into all manner of digital solutions, particularly in the MENA region where cyber fraud has become a prevalent issue affecting credibility and customer confidence.
The push is being led by both necessity and ambition. Saudi Arabia and the GCC states are investing heavily in national digital strategies, and banks are stepping up with AI systems to detect fraud, verify identities, and stay ahead of financial crime. As many countries in the Middle East position themselves as financial and fintech hubs, ensuring security for customers and institutions is a prime concern in garnering not only customer confidence but regional credibility. That’s pushed regional cybersecurity budgets to grow by double digits, with MENA’s total spend expected to exceed $3.3 billion in 2025, driven by Gen-AI, cloud adoption, talent gaps, and evolving threats (Gartner, 2024).
A True Strategic Advantage or Just a Security Upgrade?
Artificial intelligence isn’t just helping plug holes in defenses, it’s defining the rules for how security is built into every layer of operations. Integrating AI into banking operations gives banks a real edge in regions where speed really matters. Having worked with several banks across the region, I’ve seen firsthand how traditional security models are starting to break under the weight of elaborate AI based threats.
For banks in the MENA region, where rapid digitalization coincides with heightened cyber threats, adopting AI-driven systems enhances operational resilience, reduces financial losses due to fraud, and boosts customer trust. AI not only fortifies security frameworks, it also fosters innovation, empowering banks to confidently pursue new digital business models and expansion opportunities.
AI defenses monitor account activity 24/7 and can react in seconds to anomalies, reducing the window of time attackers can exploit. AI-based user behavior analytics can spot an account takeover attempt at the moment it diverges from normal patterns and automatically disable the account, preventing fraud before it escalates. Early-adopting banks in the UAE report that AI systems have sharply reduced successful fraud incidents and enabled rapid intervention in potential cyber attacks.
AI isn’t just a nice to have security upgrade, it’s a question of survival.
How are Banks Using AI for Cyber Security
A simple example of successful AI usage in a cybersecurity context is during a next-gen digital onboarding process. With many regulators now strong encouraging or mandating digital onboarding, banks have been able to benefit from using AI-powered systems to prevent fraud before it has a chance to run rampant. Next gen AI-powered onboarding and eKYC minimizes friction for customers looking to open accounts, while providing a secure backend environment to recude the risks for attacks. Such solutions utilize a variety of AI enabled features such as next-gen biometrics, deep ID document validation, Arabic language detection, glare reduction in ID photos, all ensuring a secure authentication and verification of a new customer. An example of this application can be the digital onboarding process implemented by UAE-based Ajman Bank, which has registered a significant reduction in fraud attempts after implementing an AI-based digital onboarding system as part of its digital transformation.
Another strategy for catching instances of fraud is by using AI for anomaly detection. A machine learning model can study what “normal” looks like, in terms of user behavior, transaction patterns, system activity; and flag anything that stands out. This allows banks to see unusual patterns – e.g. a late-night login or peculiar fund transfers, which would evade static rule-based systems. Unsupervised algorithms (like isolation forests or one-class SVMs) and neural network autoencoders sift through vast streams of events to pinpoint such outliers. Such strategies, can be deployed to facilitate analysis over large numbers of accounts, which can then be flagged to a human for additional intervention and review.
This tactic can work hand in hand with automating routine security tasks with AI, making cybersecurity operations more efficient. This not only addresses the talent shortage by doing more with less, but also lowers costs associated with manual monitoring and investigation. AI-based security solutions have been shown to improve incident response times and cut costs by reducing trivial alerts and speeding up analysis. Banks in MENA benefit by reallocating human experts to higher-value activities like threat hunting and fortifying security architecture, while letting AI handle the heavy lifting of round-the-clock surveillance.
Neural networks can analyze huge volumes of transactional data, cross-referencing dozens of variables to catch fraud in ways that traditional systems simply can’t. Banks train neural networks on historical transactions to recognize subtle indicators of fraud that humans might miss. An ensemble of decision trees (random forests) or a deep neural network can analyze dozens of features (transaction size, timing, location, device, user profile) to instantly assess whether a transaction is suspicious. These models adapt as fraud tactics evolve, improving over time. Similarly, neural networks in intrusion detection systems learn to spot network traffic behaviors that resemble known cyberattacks. This leads to faster, more accurate threat detection and frees up human analysts for higher-level decision-making.
Phishing remains a prime concern for many banks as targeting customers can be a much simpler way to compromise a system than to go after the bank itself. In fact, in 2024 there was a sharp increase in phishing and social engineering attacks, with 42% of organizations reporting incidents (WEF, 2025). To mitigate such threats, many cyber security experts are turning to Natural Language Processing or NLP, which has become a dynamic way in recent years that helps banks detect malicious intent in emails, texts, and even chat messages. NLP enables AI to “read” and analyze text for signs of fraud or attack. An NLP-driven system can scan incoming emails to employees and flag phishing attempts based on language patterns and malicious links. Banks use NLP to monitor chat messages and transaction memos for red flags, like someone soliciting account details. By understanding context in language, AI adds an extra layer of defense to catch social engineering and scam attempts that purely numeric data monitoring might overlook.
By deploying these AI-powered strategies in tandem, banks can create a multi-pronged defense system, akin to a digital immune system, ready to tackle a multitude of afflictions. An anomaly detection system might catch unusual account behavior, while an NLP filter flags a related phishing email – together giving a fuller picture of an attack in progress. This intelligent automation amplifies human analysts’ effectiveness, allowing them to focus on verified threats and complex investigations rather than sifting through noise.
Looking Towards a Future of Cyber Resilience
We’re entering a new era in banking security. One where artificial intelligence and generative-AI doesn’t just assist, but actively drives how banks detect, prevent, and respond to threats. The emerging champions won’t be those with the biggest budgets, but those with the clearest strategy, and those who understand that AI is both a weapon and a shield in the modern cybersecurity landscape. One that must be deployed correctly to protect institutions and customers.
When implemented wisely, AI can dramatically boost a bank’s ability to prevent breaches, detect fraud in real time, and operate securely at scale – all essential for maintaining customer trust. At the same time, banks must remain vigilant: as attackers innovate with AI, defensive strategies must keep adapting, and governance must ensure ethical, compliant use of artificial intelligence.
So, here’s a question worth asking at the next board meeting is, are we using AI to its full potential, not just to defend our systems, but to build customer trust, support innovation, and lead the market in resilience?
In an interview with Christoph Koster, CEO ruya we dive deep into how Ruya is blending technology, transparency, and Islamic principles to shape the future of finance in the UAE.
Could you take us through the journey of Ruya and what sets Ruya’s digital infrastructure apart from other digital or neo banks in the region?
In 2024, ruya emerges as the UAE’s digital-first Islamic community bank, aiming to integrate modern financial technology with the principles of Islamic banking. The bank’s mission is to provide ethical, transparent, and inclusive financial services tailored to the diverse needs of its community.
A significant milestone in ruya’s journey is becoming the first Islamic bank globally to offer customers direct access to virtual asset investments, including Bitcoin, through its mobile app. This service is made possible through a strategic partnership with Fuze, a VARA-licensed leader in virtual asset service provider (VASP). Together, ruya and Fuze aim to provide a secure and ethical entry point into the digital economy for all Muslims, ensuring that the services are fully Shari’ah-compliant and aligned with the principles of Islamic finance.
Could you walk us through the customer journey—what does buying or selling crypto through ruya’s app actually look like?
The customer experience is designed to be straightforward and user-friendly. Customers can log into the ruya mobile app using secure authentication methods, navigate to the ‘Investments’ section, and select ‘Virtual Assets.’ First-time users complete a streamlined onboarding process, including understanding the terms and conditions and confirming their agreement to the terms and conditions. Subsequently, customers can buy or sell approved virtual assets, such as Bitcoin, with transactions executed in real-time. Users can monitor their virtual asset holdings, view transaction history. All transactions are conducted within a closed-loop system, ensuring security and compliance with Islamic banking principles.
Unlike many crypto platforms that encourage short-term trading, ruya promotes long-term wealth building—how is this being achieved in practice?
ruya’s approach to virtual asset investment focuses on promoting long-term wealth accumulation. Each virtual asset offered is vetted and approved by the bank’s Internal Shari’ah Supervisory Committee, ensuring alignment with Islamic ethical standards. The platform discourages speculative trading by focusing on assets with long-term growth potential and provides tools to support goal-oriented investment strategies. Through community centers and customer support channels, ruya offers personalized guidance to help customers align their investments with their financial goals.
What metrics or indicators does Ruya use to evaluate financial resilience and long-term value for customers investing in virtual assets?
To assess and enhance financial resilience, ruya monitors several key indicators, including customer engagement, investment behavior patterns, portfolio performance over time, and customer feedback gathered through surveys and support interactions. These metrics help the bank continuously improve its services and support mechanisms.
Ruya emphasizes a “customer-first” approach. How are you ensuring that customers feel informed, supported, and in control of their virtual asset investments?
The bank’s customer-first philosophy is implemented through transparent communication about investment options and associated risks, educational initiatives such as webinars and tutorials, personalized support via in-app chat, call centers, and community centers, and a user-friendly app interface that allows customers to easily navigate their investment options and monitor their portfolios.
What’s next for ruya—will we see expansion into other Shari’ah-compliant asset classes such as tokenized sukuks or digital gold?
Looking ahead, ruya is committed to expanding its suite of Shari’ah-compliant investment offerings. The bank is actively working on the integration of Shari’ah-compliant stocks & ETF trading, enabling access to over 60,000 instruments both local and global as well as tokenized sukuks to provide customers with access to Islamic bonds in a digital format, enhancing liquidity and accessibility. Development is also underway to offer gold investments, allowing customers to invest in gold through the platform in a manner that aligns with Islamic financial principles. These initiatives aim to diversify investment options for customers, enabling them to build robust, ethical, and future-ready portfolios.
In summary, ruya’s journey reflects a commitment to innovation, ethical banking, and community engagement. By integrating Shari’ah-compliant virtual asset investments into its digital platform, the bank provides customers with secure, ethical, and accessible financial services. The focus on long-term wealth building, financial resilience, and customer support ensures that ruya meets the evolving needs of its clientele while adhering to Islamic banking principles.
Al Etihad Payments has been elected to the 2025–2027 Board of Advisors for the Payment Card Industry Security Standards Council (PCI SSC). AEP is among the first organizations from the Middle East to be elected to this global body driven by the UAE’s growing leadership in cybersecurity and payment system resilience on the international stage.
The PCI Security Standards Council (PCI SSC) leads a global, cross-industry effort to increase payment security by providing industry-driven, flexible, and effective data security standards and programs that help businesses detect, mitigate, and prevent cyberattacks and breaches.
Hani Bani Amer, Head of Information Security at AEP, will represent AEP as one of 64 global board members. He will serve as a strategic partner to the PCI SSC, contributing industry, regional, and technical expertise to support the Council’s mission of enhancing global payment security. The PCI SSC Board of Advisors plays a vital role in guiding the Council’s priorities and standard-setting initiatives. Members provide critical insights on global payment security trends, regional regulatory landscapes, and emerging technologies.
“Being elected to the PCI SSC Board of Advisors is both an honor and a responsibility”, said Hani Bani Amer. “Through our participation, we aim to ensure that our regional unique insights and perspectives are represented in the development of global standards, ultimately benefiting stakeholders locally and internationally. I look forward to working closely with my fellow Board members to advance strong, future-ready payment security standards that address today’s challenges and tomorrow’s cybersecurity threats.”
The new Board includes representatives from 61 organizations, reflecting the PCI SSC’s commitment to global inclusion. Members come from a wide range of sectors, including issuers, acquirers, merchants, processors, service providers, and technology companies.
Nitin Bhatnagar, Regional Director India, South Asia and Middle East, PCI Security Standards Council said, “Al Etihad Payments’ participation on the new 2025-2027 board of advisors from the Middle East (UAE) region is a critical voice that will help ensure greater regional input into our payment security standards, providing even more opportunities for discussion and collaboration with some of the most innovative voices in our industry.
This term, in acknowledgment of the payments industry‘s ever-changing needs, the Board of Advisors has been expanded to a record 64 stakeholders, providing the Council with a broader range of views. The Board of Advisors will also be responsible for voting on new standards and major revisions to existing standards prior to their release. We are thrilled to welcome Al Etihad Payments to the newly elected 2025-2027 Board of Advisors.”
AEP continues to play a key role in advancing the UAE’s digital economy through initiatives such as Aani, the real-time payments platform, and Jaywan, the domestic card scheme. AEP is building a secure, resilient, and inclusive payments ecosystem. Both platforms are designed to meet local market needs while embedding global best practices for data protection and transaction security. By joining the PCI SSC Board of Advisors, AEP strengthens its commitment to adopting and shaping industry-driven, flexible, and effective security standards that safeguard sensitive payment data across every layer of the digital payments journey from cards to real-time transfers.
Financial
Venture Debt Finds a New Home in the Middle East: Stride Ventures Doubles Down on Saudi Arabia
In a striking signal of the Middle East’s rapid financial maturation, Stride Ventures has announced significant expansion of its presence across the Gulf Cooperation Council- with Saudi Arabia at the epicentre of its ambitions. The move, which includes doubling its local team and opening a second regional office, is emblematic of a broader shift: the Kingdom is not just attracting capital, but fundamentally redefining the region’s approach to startup financing.
Stride Ventures’ announcement coincides with the publication of the inaugural Global Venture Debt Report 2025, produced by team Stride in partnership with global consultancy Kearney. The report paints a compelling picture: while the global venture debt market has grown at a robust 14% compound annual growth rate (CAGR) over the past five years, the GCC—led by Saudi Arabia—has outpaced this by a factor of nearly four, clocking an extraordinary 54% CAGR. The regional venture debt market reached $500 million in 2024, up from a mere $60 million in 2020, underscoring both the scale and speed of change.
Saudi Arabia’s Vision 2030, a sweeping reform agenda aimed at diversifying the economy away from hydrocarbons, is at the heart of this transformation. The government’s proactive stance is evident in initiatives such as the Jada Fund of Funds (with $1.07 billion in assets under management), and strategic partnerships with global asset managers including Goldman Sachs and Franklin Templeton. Meanwhile, Abu Dhabi’s ADGM and Abu Dhabi’s Hub71 are providing the regulatory and infrastructural backbone for private credit and venture activity across the region.
Traditional banks in the GCC have long been risk-averse, often shying away from lending to early-stage, asset-light startups. Venture debt- a non-dilutive, flexible, and tailored to the needs of high-growth companies- has stepped into this void. The region’s fintech and e-commerce champions, such as Tabby and Tamara, have already closed venture debt deals exceeding $100 million each, providing a template for other sectors including logistics, healthtech, and climate tech.
Stride’s expansion is timed to capture this momentum. The firm has increased its GCC team by over 60% in the past year, with a stated goal of tripling its regional assets under management by 2026. Stride is targeting a half a billion dollar commitment in the region over the next three to five years, while its latest fund has already attracted strong investor interest- on track to be oversubscribed within just a few months.
Stride Ventures now boasts an active investment pipeline of up to $110 million across the region, with an average cheque size of $10 million per transaction. This robust pipeline signals both the scale of opportunity and the growing appetite among Middle Eastern founders for strategic, founder-friendly debt capital. Stride’s approach- offering sizable and flexible financing to ambitious startups- positions it as a critical enabler of the region’s next wave of unicorns.
Perhaps most telling is the influx of global talent. Senior executives from Silicon Valley, London, and Singapore are relocating to Riyadh, lured by the region’s capital abundance and policy stability. “Saudi Arabia is shaping the future of venture capital and private credit with intention and scale,” says Fariha Ansari Javed, Partner at Stride Ventures. “We are seeing a new generation of founders who understand the value of non-dilutive capital to scale responsibly and an equally ambitious set of investors in the region ready to fuel their growth”
The implications are profound. The Middle East, long seen as a passive capital provider, is repositioning itself as an active hub for innovation finance. As Fariha puts it: “Saudi Arabia is moving from being a capital source to becoming a capital magnet. Stride is proud to be part of this next chapter.”
The question now is not whether venture debt will take root in the GCC, but rather how quickly it will scale- and how the region’s regulatory and institutional frameworks can keep pace with the ambitions of its entrepreneurs and financiers.
How Innovations Group Is Powering the UAE’s Hospitality Workforce
Cybersecurity in 2025: Trends, Challenges, and Opportunities
Phat Buns UK Opens First Global Franchise in Sharjah UAE
Denodo Bolsters Executive Team by Hiring Christophe Culine as its Chief Revenue Officer
Navigating the Cybersecurity Landscape in Hybrid Work Environments
Brighton College Abu Dhabi and Brighton College Al Ain Donate 954 IT Devices in Support of ‘Donate Your Own Device’ Campaign
-
Tech News11 months agoDenodo Bolsters Executive Team by Hiring Christophe Culine as its Chief Revenue Officer
-
Tech Interviews1 year agoNavigating the Cybersecurity Landscape in Hybrid Work Environments
-
Tech News1 year agoBrighton College Abu Dhabi and Brighton College Al Ain Donate 954 IT Devices in Support of ‘Donate Your Own Device’ Campaign
-
Tech Features12 months agoThe Middle East to Lead with Next-generation Mission Critical Communication Advancement
-
VAR10 months agoSamsung Galaxy Z Fold6 vs Google Pixel 9 Pro Fold: Clash Of The Folding Phenoms
-
VAR2 months agoMicrosoft Launches New Surface Copilot+ PCs for Business
-
Features1 year agoSecurity in the Cloud Age: Combating Risks with Hybrid Cloud Solutions
-
Automotive1 year agoAl-Futtaim Automotive Builds On 23-Year Legacy of Trust & Leadership in UAE’s Pre-Owned Car Market to Sell Over 25,000 Used Vehicles in 2023