Global cybersecurity influence is becoming more distributed, and Riyadh is increasingly part of that shift.
At Black Hat MEA 2025, senior security leaders from the City of Los Angeles, Halcyon and AT&T shared why the conversations happening in Saudi Arabia feel different – woven together with scale, investment and national ambition.
Here’s what they told us.
Tim Lee (CISO for the City of Los Angeles) attended Black Hat MEA for the first time in 2025. His first impression was scale – and the density of dialogue.
“This is my first time to this region so I’m really excited to see a lot of vendors around here and also around the world. It’s almost like RSAC in San Francisco, so I meet different vendors, different people for different solutions, and we exchange knowledge. I share my challenge, my pain point, and they share their solutions.”
For a municipal CISO overseeing one of the world’s most complex cities, the draw is alignment.
Lee pointed to the stack of major events heading to Los Angeles: “LA2026, Walk Up, All Star NBA, Superbowl and LA28 Olympics – so that’s a lot of large events going on at the seat of Los Angeles…”
Far from just sporting fixtures, these are critical infrastructure stress tests. They leverage temporary networks, and they’re subject to global media exposure – with massive public footfall and elevated nation-state interest too.
And he sees parallels with the mega events on the calendar in Saudi Arabia, with potential to work together to overcome the challenges involved.
The strategic focus here is about reciprocal learning between cities and governments managing large-scale, high-visibility transformation. And Riyadh is increasingly at the heart of those conversations.
Gary Hayslip (CISO at Halcyon) has watched global cyber markets evolve for years. What stands out to him in Saudi Arabia today is posture.
“I think the big thing here is that they’re willing to take chances and be innovative and try new things. And you see that at scale here in the Kingdom.”
This willingness to experiment at national scale changes the discourse around security.
“You have a government that believes in technology, and how it’s going to be changing the future, and changing the lives of its citizens – and they’re willing to go ahead and spend the money and the resources and the time to do it.”
For cybersecurity leaders, this government support is invaluable. When digital transformation is embedded in national strategy (not bolted on) security becomes part of foundational design rather than reactive control.
It also means new infrastructure is being built in environments that are ambitious by default. Smart cities, giga-projects, large-scale public platforms. Instead of incremental upgrades, these are leapfrog builds – creating both opportunity and attack surface.
For Rich Batch (CISO at AT&T), the significance of being in Riyadh comes down to context.
“Being in Riyadh helps shape the conversations this week [during Black Hat MEA] in a way that’s very unique, because of all the investment and activities that are going on in the region.”
When governments are investing heavily in digital infrastructure, AI, telecoms and smart services, cybersecurity discussions naturally move from defensive maintenance to strategic enablement. Robust security allows the region to build safely – something that Saudi Arabia’s government entities are acutely aware of.
And that makes the country an interesting opportunity for global CISOs. Silicon Valley is still important, but influence in cybersecurity is becoming more distributed. The Middle East is now a builder, and increasingly an international convenor, of technology.
We know we’re biased, but we think yes – every CISO in the world should experience the cybersecurity momentum in Riyadh.
Large-scale transformation is happening here, and creating both business opportunities and (just as importantly) learning opportunities for security practitioners worldwide.
Innovation environments like this demand adaptive security thinking – because when governments are willing to push into the future, security teams have to match that pace without becoming bottlenecks.
As Batch pointed out, simply being in Riyadh changes the tone of the discussion. Investment and ambition create urgency.
CISOs are coming to Riyadh to engage with relevant security thinking for today’s threat landscape and tech future. Cybersecurity is part of the national strategy – and that kind of focus changes the whole field.
Join the newsletter to receive the latest updates in your inbox.
The International AI Safety Report 2026 analysed for cybersecurity practitioners: AI in cyberattacks, vulnerability automation, phishing risks and evaluation blind spots.
Read More
New research reveals how privacy-first technologies are creating fraud blind spots, as AI-driven attacks scale faster than detection capabilities.
Read More
Cybersecurity founders share how Black Hat MEA helps them test ideas, prove product value, and grow their business.
Read More