Riyadh drives the global cybersecurity conversation with breakthrough exploits, hands-on simulations, and high-pressure intelligence at Black Hat MEA.
Riyadh — Black Hat MEA lit up Riyadh again for day two, pulling the global cybersecurity community deeper into the core questions shaping 2026. Thousands of specialists, founders, CISOs and researchers were in attendance to discuss the next trends in cybersecurity. Across the Executive Summit, Briefings and Deep Dive stages, the conversations cut straight into the realities of the current threat horizon: attack surfaces that shift by the minute, AI systems that influence the decision cycle, supply chains that create hidden dependencies and identity layers constantly pushed to breaking point.
Anne Marie Zettlemoyer of the National Security Institute delivered one of the morning’s most urgent sessions. “The systems we defend and the speed at which we defend them have changed more in the past couple of years than in the previous twenty” she said, stressing that AI has shifted from emerging idea to “our next critical infrastructure.” She closed with a clear challenge.
“Black Hat is not just a conference; it is a gathering of the most capable, strategic, and powerful minds anywhere in the world. If anyone can define responsible AI security, it is this community.”
Charles Forte, Director General and CIO at the UK Ministry of Defence, used a ‘Surfing the Digital Tsunami’ analogy to break down what effective leadership looks like when attack surfaces expand faster than defenders can map them. He told attendees that “being good at digital defines winning and losing” and outlined three priorities for any organised response: discipline in process, new investment in AI era defence and equal scrutiny on the supply chain as in internal systems.
The focus then moved to career impact with a session named Mastering the CISO Maturity Model, led by Derek Cheng, CISO at Deliveroo. Cheng mapped out the real benchmarks for modern security leadership. He explored how CISOs measure influence, scale governance, and evolve from technical operators into high-impact decision-makers who shape risk agendas at board level.
The Ship Spoofing simulation quickly became one of day two’s biggest draws. Before stepping into the live environment, participants were briefed on the fundamentals: how navigation systems on modern vessels can be manipulated by corrupted data streams and how a single injected signal can redirect or blind critical systems. Inside the simulation, attendees watched ships veer off course in real time as spoofed coordinates rewrote their route logic. The experience exposed why maritime transport is now a high-value target and how much work remains to reinforce this sector against increasingly precise attacks.
But the centre piece for day two was the world’s largest Capture the Flag (CTF) competition. Thousands of specialists are locked into a three-day jeopardy-style tournament designed to test and sharpen ethical hacking skills across categories including web, PWN, forensics, reverse engineering and cryptography. With the finale set for tomorrow, every remaining challenge becomes a potential match-winner, where one decisive exploit could rewrite the entire table before the countdown hits zero.
Running alongside CTF is the Bug Bounty Cup. Here, elite hunters spent the day drilling into live targets on the Bug Bounty platform, surfacing critical vulnerabilities and pushing each other to stay ahead by minutes, not hours. The competition has built steadily across two days, and tomorrow’s final hits will determine who walks out with top discoveries and the bragging rights that matter in this community.
Steve Durning, Portfolio Director of Black Hat MEA at Tahaluf, said: “Day two showed how powerful the activity-led experiences have become at Black Hat MEA. The simulations, competitions and hands-on environments are where theory gets pressure-tested and where teams discover what actually holds up against real attacks. Riyadh is proving that when you put this level of capability in one place, progress accelerates fast.”
Annabelle Mander, Executive Vice President of Tahaluf, added: “Day two showed how quickly this community moves when the pressure is real. The conversations here are not theory. They are decisions that shape national resilience and global security. Riyadh has become a place where IT leaders compare notes, challenge assumptions and build capability with clarity and intent.”
As Black Hat MEA moves into its final day, the focus turns to advanced research, high-impact strategy discussions and the closing rounds of the CTF and Bug Bounty Cup. Tomorrow brings new disclosures, fresh intelligence and the final battles that will decide the champions of both competitions. Day three will deliver clarity on the risks, capabilities and decisions that will define the next year of global cybersecurity.
