Conversations, Claw Machines, and Cyber Shifts

Packed halls. High-stakes headlines. Back-to-back sessions with the who’s who of cyber.

This year’s Gulf Information Security Expo & Conference (GISEC 2025) moved fast, and so did the industry. 

Across seven halls, 160 countries, and thousands of decision-makers, the Middle East and Africa’s largest cybersecurity event surfaced urgent shifts in how the world tackles cyber risk.

Kernel Afrika was there to listen, lead, and launch what’s next. From back-to-back vendor meetings to standout demos, our message was clear: 

It’s time to turn global tools into local action.

What Stole the Spotlight at GISEC 2025

Across three incredible days, the GISEC conference delivered a clear view of what’s shaping cybersecurity right now:

• AI deployment

• Evolving identity strategies

• The realities of commercialised cybercrime

These were the themes that kept coming up—in sessions, on the floor, and in every serious conversation.

AI in the Kill Chain

Naturally, AI took centre stage in both offensive and defensive contexts.
From polymorphic phishing to autonomous threat detection, the message was clear:

AI now permeates every layer of the security stack. It fuels both increasingly sophisticated threats and the defences designed to stop them.

Sessions at the cybersecurity expo covered its use in behavioural baselining, adversarial testing, and security operations centre (SOC) automation, with practical examples from across the board.

Dr. Martin Kraemer unpacked the mechanics of AI-generated phishing and ransomware payloads. Eugene Kaspersky explored how AI is reshaping detection models in real time. And on the Dark Stage, offensive applications of AI were openly examined—from data poisoning to mobile-based social engineering.

Identity as a Strategic Priority


From phishing-resistant MFA to decentralised credential governance, identity security was front and centre. The message was clear: Access is the new attack surface, and it demands layered, adaptive, and Zero Trust protection:

Verify everything, trust nothing by default, and continuously enforce based on context.

At The Kernel’s stand, we held insightful meetings with our vendor partners, building regional roadmaps rooted in Zero Trust execution. Together, we’re working to strengthen the entire identity lifecycle—across people, devices, applications, and AI agents:

• Yubico

Hardware-based MFA (YubiKeys) that enable phishing-resistant login at scale, ideal for Zero Trust rollouts, financial services, and secure authentication in high-risk sectors.

• 1Password

Extended Access Management (XAM) to protect every sign-in across every app and device—even unmanaged or shadow IT. Helps secure credentials, enforce passkeys, and bring visibility to access sprawl.

• Pointsharp

On-premise access control with strong MFA, encrypted file/email security, and PKI integration. Delivers user-friendly compliance and secure communication across hybrid environments.

•  IS Decisions

Active Directory-focused tools like UserLock and FileAudit for insider threat detection, granular session policies, and audit-ready identity enforcement across internal networks.

• Fudo Security

Real-time session monitoring, credential vaulting, and third-party access governance. A foundational Zero Trust solution for privileged access management (PAM) with full compliance trail visibility.

•  Elcomsoft

Forensic-grade mobile and system data recovery, encrypted file access, and digital investigation tools. Supports post-incident response and regulatory investigation readiness.

• Gluu

Identity and access management (IAM) with robust federation, single sign-on (SSO), and flexible orchestration—especially valuable for public sector and hybrid government environments.

• Energy Logserver

Identity-aware log management and threat detection built for hybrid SOCs. Helps correlate events across users, devices, and applications for faster response and compliance reporting.

• EgoMind

Delivers hardware access control, application blocking, and post-quantum encryption. Designed for Zero Trust enforcement and data sovereignty at the hardware level.

• Skysnag

Automates DMARC, SPF, and DKIM enforcement to stop domain spoofing, protect brand reputation, and meet global email security requirements without complex configuration.

From credential vaults to privileged access workflows, every conversation circled back to one priority: How do we extend protection without slowing people down? 

Kernel Afrika’s role is to help organisations answer that—with integrated, scalable, and Zero Trust-aligned solutions that match African enterprise realities.

Commercialised Cybercrime and Financial Sector Risk

On the GISEC’s Dark Stage, Brett Johnson—a former cybercriminal turned cybersecurity advocate—delivered a sobering look into the world of Fraud-as-a-Service. His session revealed how today’s threat actors operate like legitimate businesses, complete with SaaS platforms, affiliate models, and even customer support.

From ransomware-as-a-service to deepfake-driven social engineering, the financial sector continues to be a prime target. Sessions on account takeover fraud, mobile app exploitation, and insider threats made one thing clear: 

Organisations need far greater visibility and access control across hybrid, decentralised environments. Without it, the speed and scale of modern cybercrime will keep outpacing traditional defences.

Cyber Resilience Over Checkbox Compliance

A clear theme emerged across multiple sessions at GISEC 2025: 

It’s time to move beyond box-ticking and towards continuous, adaptive security.

Keynote speakers called for integrated controls that evolve with the threat landscape. 

On the Main Stage, Joe Sullivan (former CSO at Uber and META) and John Hultquist (Google Threat Intelligence) unpacked the legal and leadership realities of breach fallout, offering hard-won insights on accountability under pressure.

Meanwhile, panels like the DESC Knowledge Showcase and the thought-provoking AI vs. AI debate challenged the audience to rethink resilience beyond the SOC, questioning how regulation, automation, and emerging tech will reshape how we define and defend cyber readiness.

Africa’s Voice on the Global Stage

Speakers like Celia Mantshiyane (FNB) and Ishaaq Jacobs (Sasol) brought strong African perspectives to discussions on cloud resilience, OT security, and cyber workforce development.

These voices highlighted a shared challenge across the continent:

Global tools must adapt to local realities.

At Kernel Afrika, we’re working every day to close that gap—with solutions that are identity-first, execution-ready, and rooted in South Africa’s threat landscape.

From the Expo Floor to Execution


For Kernel Afrika, the GISEC conference wasn’t just about trends and keynotes. It was about meaningful moments, strategic alignment, and building what’s next. Over three dynamic days, our team engaged in hands-on demos, partner strategy sessions, and high-impact conversations that will shape our roadmap in the months ahead.

Day 1: Energy, Alignment, Momentum

We kicked Day 1 off with focused meetings alongside Yubico, IS Decisions, EgoMind, and Energy Logserver, diving into deployment strategies and market adaptation. The energy across the halls was palpable with an international crowd, live challenges, and yes, a claw machine that brought out some healthy competition.

Day 2: Deep Dives and Live Demos

On Day 2, The Kernel conducted live demos of our latest solutions, while we met with more of our vendor partners to align on regional rollouts and technical roadmaps. Conversations at the cybersecurity conference were sharp, honest, and future-focused.

Day 3: High-Impact Conversations and a Big Finish

With record foot traffic at the stand and a packed schedule of vendor sessions, Day 3 was about synthesis. We explored market fit, technical enablement, and scaling support. We closed the week with some well-earned fun at the arcades.

A huge thank you to The Kernel team in Dubai for making it all happen—from logistics and live demos to building a stand that drew serious attention (and serious talent). 

Your energy and effort made the experience unforgettable.

Browse our GISEC 2025 highlights gallery here:




Building What’s Next (With the Best)
From Dubai to Johannesburg, the cybersecurity agenda is changing. 

AI is accelerating threats. Credentials are under siege. And compliance alone won’t protect your business.

For Sub-Saharan and South African organisations, insights from the GISEC event reaffirm a few key priorities:

• Secure identity at every layer.

• Manage access across devices and applications.

• Stay ahead of AI-enhanced threats.

• Build cyber resilience, not just audit readiness.

At Kernel Afrika, we’re already putting these insights into action through deployments, enablement, and the ongoing work of building a more secure digital future across the continent.

Have questions or ideas? Or are you looking to explore any of our solutions showcased at the GISEC conference? We’d love to connect. Get in touch, and let’s build what’s next, together.