The Middle East and North Africa (MENA) are doubling down on cybersecurity, with information security spending projected to surge 14% year-over-year to $3.3 billion in 2025, according to Gartner. With enterprises accelerating digital transformation and AI adoption, securing critical infrastructure and mitigating cyber threats have become top priorities.
Security Services Lead The Charge
Among all cybersecurity segments, security services will see the highest growth, rising by 16.6% in 2025. The surge is driven by talent shortages, rising compliance demands, and the need for cost-effective solutions that provide advanced threat detection capabilities.
Follow THE FUTURE on LinkedIn, Facebook, Instagram, X and Telegram
“Finding highly skilled cybersecurity professionals remains a significant challenge,” said Shailendra Upadhyay, senior principal at Gartner. “Managed security services, including managed detection and response (MDR), are becoming the go-to solution for bridging this talent gap, enabling organizations to stay ahead of sophisticated cyber threats.”
Security Software Remains The Largest Investment Area
Security software will continue to dominate MENA’s cybersecurity spending, projected to reach nearly $1.5 billion in 2025—roughly 45% of total information security investments. The expansion of cloud technologies and the rapid evolution of AI-driven cyber threats are key drivers behind this trend.
“MENA enterprises are ramping up their investment in AI-powered security tools, cloud security, and identity access management,” Upadhyay noted. “They’re looking to securely integrate generative AI into their operations while maintaining regulatory compliance and mitigating emerging risks.”
Cybersecurity Trends Defining 2025
Gartner highlights two major cybersecurity trends that MENA enterprises must prioritize in the coming year:
1. Generative AI Reshaping Data Security
As generative AI (GenAI) becomes a core component of business operations, organizations are shifting their focus toward safeguarding unstructured data and leveraging synthetic data for training AI models.
To navigate these complexities, businesses are adopting data security posture management (DSPM) tools, which provide real-time visibility into sensitive data and ensure compliance with evolving regulations. “Traditional data anonymization methods are becoming obsolete,” said Sam Olyaei, vice president at Gartner. “Investing in synthetic data generation tools will be essential to mitigating privacy risks while maintaining AI model accuracy.”
2. Security Culture Is the New Frontline
With human error accounting for a significant portion of cyber incidents, enterprises are embedding security behavior and culture programs (SBCPs) into their core business strategies.
“The human element remains a critical vulnerability,” Olyaei explained. “Organizations integrating GenAI with security culture programs will see a 40% reduction in employee-driven cybersecurity incidents by 2026.”
Well-designed SBCPs enhance employee engagement, drive compliance, and build a proactive cybersecurity mindset across organizations. Companies that prioritize security awareness and training will be better positioned to navigate evolving cyber threats and regulatory landscapes.
The Bottom Line
MENA’s cybersecurity landscape is evolving at an unprecedented pace, with enterprises ramping up investments in security services, AI-driven protection, and cultural transformation. As businesses embrace digital transformation, the ability to adapt, secure, and innovate will define their competitive edge in an increasingly complex cybersecurity environment.
