Think Your OT Is Safe? Nozomi Networks Says It’s Not
News Desk

We spoke with Anton Shipulin, Industrial Cybersecurity Evangelist at Nozomi Networks, to explore what sets their presence apart this year, how AI is reshaping industrial cybersecurity, and why strategic partnerships and events like GISEC remain essential.

TECHx: What makes your presence at GISEC unique compared to other trade shows you’ve attended?


GISEC occupies a special place on our calendar because it’s not only one of the largest cybersecurity events in the region, but it’s also deeply focused on the unique challenges of the Gulf, Middle East, and Africa markets. Unlike more generalized trade shows, GISEC brings together regulators, critical-infrastructure operators, and regional integrators under one roof. Every year, we see a high concentration of organizations managing oil & gas, utilities, transportation, and manufacturing, sectors where operational technology (OT) security is mission-critical.

This year, we’ve made a concerted effort to bring almost our entire Middle East team: not just sales and marketing, but also professional services, pre-sales engineers, and local R&D specialists. That means every visitor to our booth can have a deep, technical discussion in Arabic or English, schedule on-the-spot proof-of-value sessions, and even see live demonstrations in a sandbox environment. We believe that level of local expertise, combined with a global product roadmap, distinguishes Nozomi at GISEC.

TECHx: What new solutions and innovations are you showcasing on your booth this year?


We’ve expanded our platform in two key dimensions:

  1. Industrial Wireless & Point Sensors:
    Traditionally, OT threat detection required tapping into wired network segments. Now, with the rise of 802.11ax in industrial environments, we’ve developed lightweight wireless-optimized agents and purpose-built point sensors that can be deployed on conveyors, robotic arms, and remote RTUs without long cabling runs. These devices deliver packet-level visibility and metadata directly into our analytics engine, enabling full asset inventory, vulnerability scanning, and anomaly detection even in hard-to-reach field sites.
  2. AI-Driven Correlation & Insights:
    Our R&D team has integrated new machine-learning models that correlate network threat events with process-level telemetry. For example, if a PLC receives a malformed Modbus payload and downstream temperature sensors show anomalous behavior, our AI will surface that correlation in real time, prioritizing it as a high-risk incident. We’re also rolling out a “What-If” sandbox within our portal: customers can simulate new rules or network changes against historical data to see how our AI would have responded. This predictive capability helps operations teams validate controls before they push changes live.

Between these two areas (flexible deployment at the edge and contextual, AI-powered analytics), we’re giving industrial organizations the tools to scale security monitoring across increasingly complex environments.

TECHx: You spoke about AI. How is AI revolutionizing cybersecurity, and how are you applying it in your solutions?


AI’s role in cybersecurity can be unpacked into three overlapping domains:

  1. Weaponization by Threat Actors:
    Criminals and nation-state groups are using generative AI to accelerate reconnaissance, craft zero-day exploits, and even personalize spear-phishing campaigns at scale. During the MITRE Engenuity ATT&CK Evaluations, we witnessed AI-generated payloads that mutated faster than signature databases could keep up. Recognizing that threat actors will continue to leverage these tools, we’ve embedded proactive AI threat-hunting models that continually train on live traffic, looking for novel patterns rather than waiting for known indicators.
  2. Attack Surface of AI Systems Themselves:
    As organizations deploy AI for automation, those systems become high-value targets. We’ve invested in “AI Security Assurance,” a set of pre-built modules to detect model-poisoning attempts, adversarial-input attacks, and unauthorized model drift in our own platform. This not only hardens our offering but provides best-practice templates customers can apply to protect their in-house AI pipelines.
  3. AI for Defense & Automation:
    On the defense side, our AI automatically triages thousands of OT events per minute, correlates them with IT-side alerts (e.g., SIEM or SOAR feeds), and surfaces the top 1% that truly require human intervention. We also use reinforcement learning to optimize firewall and NAC policies: our system can suggest micro-segmentation rules based on observed communication patterns, simulate their impact in a digital twin, and even push approved changes automatically. The result is a closed-loop architecture where AI not only detects but helps remediate and continuously improve the security posture.

TECHx: How does Nozomi structure its partnership ecosystem, and why is a partner-first approach so important?


We view partnerships as the lifeblood of our global reach, and we categorize them into:

  • Service Partners: Certified system integrators and managed-security providers who deploy and operate our solutions on behalf of end customers. They undergo extensive training, both in formal labs and in the field alongside our engineers, to become OT-focused cybersecurity specialists. In regions like the UAE, Saudi Arabia, and South Africa, our service partners embed Nozomi as the heart of multi-vendor ICS-SOC operations.
  • Technology Partners: Companies whose products and platforms we integrate with to form broader security ecosystems. This includes SIEM vendors (e.g., Splunk, QRadar), firewall and NAC providers (e.g., Palo Alto Networks, Cisco), and cloud-based orchestration tools. Through open APIs and pre-built connectors, we ensure our OT intelligence can enrich, and be enriched by, third-party data, enabling end-to-end automation. For instance, when our platform flags a critical vulnerability on a controller, we can automatically notify the ticketing system in ServiceNow and trigger a patch-testing workflow in HPE OneView.

Because no single vendor can address every use case, our partner-first model ensures clients get a best-of-breed solution tailored to their existing investments and strategic roadmap.

TECHx: Many vendors host their own exclusive events. Why are broad industry conferences like GISEC still valuable?


Vendor events are great for deep dives into a specific ecosystem, but industry conferences like GISEC offer three unique benefits:

  1. Cross-Pollination of Ideas: You’re rubbing shoulders with CISOs from oil & gas, heads of threat intelligence from financial services, and policy-makers from the region’s cybersecurity authorities. That diversity fuels innovation and helps uncover blind spots: what works in one sector can often be adapted for another.
  2. Ecosystem Alignment: With so many moving parts in modern security architectures (cloud, edge, IoT/IIoT, 5G), no single event can cover all bases. GISEC’s broad agenda, from quantum-safe cryptography to the latest in drone security, helps attendees map out how emerging technologies intersect, discover new standards, and align on best practices.
  3. Regulatory & Community Engagement: In the GCC region, governments and regulators play an outsized role in shaping cybersecurity requirements. GISEC brings those stakeholders to the same table as vendors and end customers. You get real-time updates on national strategies, compliance roadmaps (e.g., NESA in the UAE, NSA in Saudi), and can even participate in shaping them through working groups or speaking sessions.

Despite advancements in technology, Nozomi Networks stresses that many OT systems remain vulnerable to cyberattacks. By leveraging cutting-edge AI and forming strategic partnerships, Nozomi Networks is working to bridge this gap, ensuring OT systems stay secure amid increasing threats.