Mohammad Tahmaz, Country Sales Manager – KSA, discusses how real-time visibility, segmentation, and threat intelligence are shaping the Kingdom’s next phase of critical infrastructure protection at Black Hat MEA 2025.
Forescout’s presence at Black Hat MEA 2025 reflects a pivotal moment for cybersecurity in the Middle East, where OT–IT convergence, smart infrastructure, and giga-project expansion are redefining national risk landscapes. Mohammad Tahmaz, Country Sales Manager – KSA, spoke to Daniel Sheperd, Online Editor, Tahawultech on how real-time visibility, automated control, and threat intelligence are becoming essential foundations for securing industrial environments. Tahmaz’s insights highlight the region’s growing urgency to safeguard critical infrastructure against increasingly sophisticated adversaries.
Interview Excerpts:
What are Forescout’s key priorities and focus areas at Black Hat MEA 2025, and how does your presence this year reflect the region’s growing urgency around OT security?
Our focus at Black Hat MEA 2025 is centred on raising awareness around OT security and demonstrating how organisations can build resilient, real-time defence capabilities across complex hybrid environments. The region is undergoing rapid digital transformation, and with that comes an urgent need to secure operational environments that were never originally designed for connectivity. We are showcasing how Forescout delivers continuous visibility, automated control, and risk-based response across OT, IT, and IoT ecosystems—capabilities that are now essential as Saudi Arabia accelerates industrial digitalisation.
With OT–IT convergence accelerating across energy, utilities, transport and manufacturing, what new vulnerabilities are you seeing, and how does Forescout help organisations secure these blended environments?
OT–IT convergence is expanding the attack surface dramatically. Many organisations are transitioning from legacy, isolated systems to highly connected environments with an increasing number of IoT and smart devices. This shift introduces vulnerabilities related to outdated platforms, misconfigurations, and devices that were never intended to be exposed. Forescout supports organisations by identifying every device—managed or unmanaged—profiling its behaviour, and applying automated policy-based controls. This helps maintain security as industrial networks evolve and adopt modern technologies.
Gaining real-time visibility into OT assets remains a major challenge in the Middle East. How does Forescout’s platform address unmanaged devices, legacy systems and segmentation gaps across industrial networks?
Unmanaged and legacy devices continue to be one of the biggest risks in OT environments. Forescout provides deep, continuous visibility into all assets the moment they appear on the network, without requiring agents.
“We detect devices across previously siloed segments, highlight gaps in network segmentation, and allow operators to enforce micro-segmentation with precision. This enables organisations to secure legacy infrastructure while progressively modernising their industrial architecture.”
As Saudi Arabia scales giga-projects and smart city deployments, how is Forescout supporting critical infrastructure operators in building secure-by-design OT ecosystems?
Saudi Arabia’s giga-projects and smart city initiatives depend on highly interconnected OT–IT environments. Forescout helps operators design networks where security is embedded from the start, not added later. Modern smart facilities no longer rely on a single, flat network; they have multiple specialised systems that must be isolated, monitored, and managed intelligently. Our platform provides the orchestration layer that enforces segmentation, monitors device interactions, and ensures that every asset maintains compliant behaviour across expanding digital infrastructures.
Ransomware groups and nation-state actors are increasingly targeting OT environments. What does Forescout’s threat intelligence indicate about evolving attacker behaviour in the region, and what defensive actions should organisations prioritise?
Threat actors are becoming more sophisticated, and they are actively exploiting the complexity of modern industrial environments. Ransomware groups and nation-state adversaries are leveraging unmanaged devices, legacy assets, and segmentation blind spots to move laterally and disrupt operations. Forescout’s threat intelligence provides continuous visibility into these behaviours, allowing organisations to detect anomalies early and respond before attackers can achieve impact. The priority now is to adopt automated detection, enforce segmentation, and maintain continuous monitoring across every device and protocol used in OT ecosystems.
