Toufic Derbass, Managing Director for the Middle East, Türkiye, and Africa at Kaspersky, sheds light on the challenges of securing critical sectors and the company’s pioneering Cyber Immunity approach.
Cybersecurity threats are evolving at a rapid pace, and industries such as utilities, oil and gas, and manufacturing are increasingly exposed due to outdated systems. Kaspersky, a global cybersecurity and digital privacy company, is responding to these vulnerabilities with innovative solutions, spearheading a movement toward Cyber Immunity.
Toufic Derbass, Managing Director for the Middle East, Türkiye, and Africa, discusses with Tahawultech.com at GISEC Global 2025, how the company is tackling the unique challenges facing critical infrastructure sectors, the transformative role of AI in cybersecurity, and the shift from traditional security measures to proactive, unhackable systems. Derbass also explores Kaspersky’s leadership in defining the future of cybersecurity through its vision of Cyber Immunity.
Interview Excerpts:
Why industrial sectors like utilities, oil and gas, and manufacturing are more vulnerable to cyberattacks, and how Kaspersky is addressing these challenges?
Critical infrastructure, such as utilities, oil and gas, and manufacturing, often lags behind traditional IT environments in terms of cybersecurity maturity. Industries are more vulnerable because they typically rely on older, less secure systems that weren’t designed with modern cybersecurity threats in mind. For example, in the Middle East, we see that about 38% of devices in the industrial sector have been compromised. At Kaspersky, we focus on providing a full portfolio that covers both endpoint and network protection for these sectors. Additionally, we offer dedicated threat intelligence and we’re the only company that has a dedicated team operating the world’s only CERT for industrial cybersecurity, which allows us to provide specialised support to address these unique challenges.
Can you explain Kaspersky’s concept of ‘Cyber Immunity’? How does it contrast with conventional cybersecurity approaches?
Cyber Immunity goes beyond traditional cybersecurity. While cybersecurity is about detecting and mitigating risks, Cyber Immunity aims to make systems completely unhackable. This vision is about building secure technology by design, ensuring that devices are inherently secure and resistant to cyberattacks. Kaspersky’s goal is to move beyond the ongoing cycle of attacks and defenses. For instance, we’ve developed Cyber–Immune thin clients and applications that are secure by design, even in the face of AI-driven threats. This methodology ensures that systems remain resilient, even in highly vulnerable environments like banking or telecommunications. It’s a transformative approach, and while we’re still in the early stages, we are leading the way in executing this vision.
Could you share your thoughts on how AI is changing the landscape of cyber threats, and how Kaspersky is utilising AI to stay ahead of these threats?
AI is a double-edged sword in the world of cybersecurity. On the one hand, cybercriminals are leveraging AI to automate and scale their attacks, creating highly credible phishing campaigns and malicious files. In fact, at Kaspersky, we identify around close to 500,000 new malicious files per day, a number that would be impossible to handle manually. On the other hand, we’ve been using AI and machine learning for over 20 years, long before AI became a buzzword. Our solutions utilise AI to predict and stop threats in real time, analysing vast amounts of data to detect anomalies and respond quickly.
“AI allows us to manage the sheer volume of attacks and ensure that our systems are continuously evolving to meet new challenges.”
You’ve mentioned that some cyberattacks on critical infrastructure have escalated to the level of cyber warfare, with real-world consequences. How can organisations prevent such catastrophic events from occurring?
Cyberattacks on critical infrastructure can indeed have devastating real-world consequences, such as explosions or system failures that disrupt entire industries or nations. Prevention starts with a proactive approach. Organisations must prioritise cybersecurity in their industrial environments, especially since many of these sectors are still catching up in terms of security measures. At Kaspersky, we emphasise the need for robust defense systems that not only detect but also prevent attacks before they can cause harm. We also stress the importance of collaboration between vendors, regulators, and other stakeholders to create a unified front against such advanced threats. By addressing cybersecurity at the design level, we can create more resilient systems that are capable of withstanding even the most sophisticated attacks.
Kaspersky has pioneered the development of Cyber Immunity. Could you discuss how this vision is being executed and how it’s impacting the cybersecurity industry?
Cyber Immunity is a long-term vision, and we are already taking steps to execute it. We’ve introduced Cyber-Immune products such as thin clients and an ecosystem of secure applications that provide a higher level of protection than traditional cybersecurity measures. This shift is gradually transforming the cybersecurity landscape, as we move from a reactive to a proactive stance, where systems are inherently immune to cyber threats. While we are still in the early stages of this transformation, especially in regions like Asia Pacific and the Middle East, we are leading the charge in creating these solutions. It’s a game-changer, and it’s changing how we think about security, moving us toward a future where attacks are no longer inevitable but preventable.
