Fortinet: How to Protect Banking From Rising AI Cyber Risks

The financial services sector is a lucrative target for cybercriminals and, as such, is one of the most targeted.

The Fortinet Report on Cybersecurity for the Banking Sector in the Middle East and Africa 2026, reveals the true extent of the threats that the sector is currently up against.

The report paints a picture of escalating cyber risk that financial institutions across the Middle East and Africa are having to reckon with. 

With the rate of AI-driven fraud operations skyrocketing by 1300%, digital and mobile banking services are on high alert for burgeoning AI backed identity impersonation, deepfakes and phishing. 

“The cybersecurity industry often feels as if we’re being outrun by someone with a drastic advantage,” writes Dr Carl Windsor, CISO at Fortinet, in his a recent blog post. 

“The CISOs I speak to daily frequently complain about having to defend against a growing number of adversaries with more resources and the ability to move faster than ever, thanks to AI.”

Third party risks and stronger compliance requirements 

In a move to expand digitise their core offerings, Saudi banks have begun relying on Banking-as-a-Service models and cloud computing, thereby increasing their threat radius through third party service providers. 

This, along with the growing complexity of digital threats, has given rise to a rapidly evolving regulatory landscape to secure financial infrastructure in the region.  

To support financial stability, protect consumer confidence and mitigate the systemic risks associated with the increasing dependence on digital systems, authorities are now focusing on bolstering operational resilience requirements.

Saudi Arabia leads cyber resilience

With greater oversight by the Saudi Central Bank and the National Cybersecurity Authority to keep cyber resilience under close scrutiny, the Kingdom of Saudi Arabia achieved full marks (20/20) in the Global Cybersecurity Index 2024, issued by the International Telecommunication Union. 

This positions the Kingdom alongside the 13 other countries in the Middle East and Africa classified as top-tier.

The nation’s scale of national investments in cybersecurity,  digital infrastructure development and strengthening the resilience of the financial sector in alignment with the objectives of Vision 2030 has earned it this title of valiance. 

Sovereign Cloud and smart defence

Sovereign cloud infrastructure has seen a steady growth in the Gulf Cooperation Council countries and several African nations. 

Led by data localisation requirements and concerns of national security, the sovereign cloud market has been booming with projections suggesting it will reach US$823.9bn in 2032.

AI-powered threat detection and post-quantum cryptography technologies are another field that is seeing increasing investments led by the Kingdom of Saudi Arabia. 

Post Quantum Readiness

The Fortinet report warns of a dire future as 61% of organisations in Europe, the Middle East and Africa are not prepared for the post-quantum era. 

With only 12% of surveyed enterprises deploying quantum-safe technologies, challenges linked to “harvest now, decrypt later” attacks are mounting. 

In such attacks, threat actors aim to collect encrypted data today with the intention of decrypting it in the future as quantum computing capabilities evolve, making quantum readiness a security imperative for the now. 

“Financial institutions are innovating faster than ever – but innovation without security creates new risks,” Fortinet notes. 

“Organisations modernising their security architecture are seeing measurable results. 

“In one example, deploying Fortinet’s cloud-native protection platform reduced alert volumes by 90% and saved US$200,000 annually by decommissioning legacy tools.”