Says industry expert
As the Middle East Rail 2025 trade show, held in Dubai from June 24 to 25, gathers industry leaders from across the region, the urgency of cybersecurity in transport infrastructure, particularly in the rail sector, is becoming increasingly apparent.
Serhii Salii, Head of Sales at Germany-based CyberShield, shared his insights on the escalating risks, evolving threats, and the specific challenges looming over critical infrastructure in the Arabian Gulf.
Excerpts from the interview, which have been edited for clarity and brevity:

Why is CyberShield exhibiting at Middle East Rail 2025?
Cybersecurity is often misunderstood. Most people associate it with email, phones, or social media. However, it plays an equally critical role in safeguarding essential infrastructure, including rail networks, water systems, and the energy sector. Our focus is on industrial cybersecurity. This involves assisting companies that design, build, and operate critical systems in implementing secure and resilient frameworks.
Our role as consultants extends beyond providing technical support and strategic planning services. We are committed to ensuring that infrastructure systems are designed and built with a proactive approach that resists cyberattacks from the outset, rather than being retrofitted later. This becomes increasingly crucial as transport and utility networks become more interconnected.

What is your footprint like in the Middle East, particularly in the UAE and Saudi Arabia?
The Middle East is now one of the world’s most dynamic markets for infrastructure development. That is why we have established a presence in Dubai, where we primarily work with primary contractors on large-scale projects, such as the Dubai Metro network, including the Blue Line, as well as the high-speed rail network connecting Dubai and Abu Dhabi.
In Saudi Arabia, we are involved in the CAF monorail project in Riyadh. Our role in this project is to provide cybersecurity validation work, including penetration testing and vulnerability assessments, to ensure the monorail system is resilient against cyber threats. We are also supporting China Railway Construction Corporation (CRCC) on this project.
Additionally, we are in talks to support projects in Qatar and Oman. As cybersecurity specialists, we are discussing potential collaborations during the design, construction, and operational phases of these projects. Our goal is to ensure that the systems in these countries meet international standards for digital resilience. We are excited about the possibility of expanding our footprint in the region.

Why is the Middle East an attractive target for cybercriminals, particularly rail operators?
It begins with understanding the threat landscape. During the design phase of any infrastructure project, we conduct a complete risk analysis. This identifies who might attack, why they would do it, and whether they can succeed.
The Middle East is a relatively secure region in terms of public behaviour, unlike parts of Europe where vandalism or cable theft may be more common. But this security can be a double-edged sword. Trust in societal norms can sometimes lead to underestimating certain risks, such as insider threats or lapses in physical security enforcement.
Politically, the region faces tensions, making critical infrastructure a symbolic and strategic target. Rail systems, due to their scale and integration with urban planning, can be particularly vulnerable. Physical security measures, such as CCTV or fencing, are in place, but the key question is whether there are effective protocols for responding once a threat is detected.

What factors does CyberShield consider when developing new cybersecurity solutions?
One major challenge is the lack of consistent terminology and frameworks. Different regions use different words for the same ideas, which makes collaboration difficult. That is why we adhere to international standards such as IEC 62443 and TS 50701. These frameworks ensure that our work is compatible with global best practices.
Artificial intelligence is another area we are watching closely. However, in the context of critical infrastructure, we have found that AI-based systems are not yet mature enough. AI relies heavily on historical data to function. However, critical infrastructure threats are still evolving, and there is a limited amount of high-quality data available for training these systems effectively.
We do not produce our hardware or software, which gives us flexibility. We maintain direct relationships with global vendors and can collaborate with them to tailor products to meet the specific needs of individual projects. In some cases, we have even had custom solutions developed because no existing solution on the market met our security requirements.

How does the Middle East rail sector compare to global markets in terms of cybersecurity maturity?
From a cybersecurity standpoint, the Middle East is currently the most promising market for railway projects. In contrast, Europe is experiencing a sense of stagnation driven by budget constraints. However, the Middle East’s potential as a cybersecurity market is a beacon of hope, particularly in the railway sector.
In the Asia-Pacific region, places like Singapore and Hong Kong are highly advanced. However, in countries such as Indonesia, Malaysia, and Thailand, although there is growing interest, cybersecurity investment has lagged. That is mainly because government regulations do not yet require developers and operators to meet cybersecurity standards. In such cases, companies avoid spending money on something that will not help them win bids.
However, that is changing. We have seen recent policy shifts in Thailand and Indonesia where governments are beginning to mandate cybersecurity measures. Within five to seven years, these markets may resemble the current state of the Middle East, where security is increasingly built into every project from the beginning.

What is your view on AI and its impact on cybersecurity in critical infrastructure?
Before we look to AI to solve new problems, we should first ensure that past security standards—those from five or ten years ago—are fully implemented. The reality is that much of the critical infrastructure built over the past two decades lacks even basic cyber protections.
AI undoubtedly changes the playing field. But it also introduces risk. For example, you can ask generative AI systems, like ChatGPT, how to hack a network. If you frame it as a demonstration for a conference, you might get surprisingly detailed answers. This illustrates how the same tools being used to defend systems can also be exploited by attackers.
Ultimately, AI is a powerful tool, but it is not a substitute for disciplined, standards-based security architecture. Until AI can reliably and securely analyse threats in real time within industrial systems, its role will remain limited.
Hero image: Serhii Salii, Head of Sales at CyberShield. Credit: Arnold Pinto









