Interviews
Zero Trust is What Security Should Have Been From the Beginning

In this exclusive interview, Petko Stoyanov, the Global CTO at Forcepoint, speaks about their new Forcepoint One offering, the evolving security threat landscape, the skills gap in the industry, and more
You recently conducted the Forcepoint One event. What was it all about?
We announced Forcepoint One way back in February 2022, globally, as a marketing event. And then on, we started focussing on regional events. At the UAE event, we had over a hundred people attending the event and we’ve definitely had a lot of interest in Forcepoint One. We spent some time with our customers at the event, understanding their challenges and explaining how Forcepoint One is a better way to access the internet securely – not just the Internet or cloud, but also private applications.
During the pandemic, many people were working from home and though they wanted to be productive in a new working environment, they lacked the tools. So, the users started using tools they weren’t supposed to. However, if we had visibility into that and gave the users control over the data they could use, it would have been amazing. That’s what is unique with Forcepoint One – we have centralised the management.
In doing so, we don’t need all your data. Your data stays with you and we want to give you control over the data that matters to you. So, the beauty of our solution is centralised management, distributed enforcement of security, and data loss prevention, and just visibly at the same time.
Another pain point customers are facing is hiring the right talent. For managing cybersecurity products and solutions, one needs to be a CSSP. However, the number of certified professionals in this region is far lower than the demand. There is a precise skill gap in this industry that needs to be tackled. We need to change how we approach cybersecurity and hiring.
How has the security threat landscape changed over the past couple of years?
Well, it has changed even in the last two months. We are seeing lots of geo-political tensions everywhere and these instances are being used as a reason to attack government installations, utility services, oil and gas installations, banking systems, telecoms, and so on.
The safety we feel here in the UAE is because of the regulation we have in place, which is a lot of ways, applies to cybersecurity. Regulations also drive other things globally. At Forcepoint, we offer many tailor-made solutions for such industry verticals. Our data loss prevention solutions are used by some of the largest organisations in the world and our threat prevention capabilities are used to protect some of the most sensitive networks in the world.
In terms of the skills gap you mentioned, what do companies need to do to solve this?
I think there are two problems with this. One is the demand issue, where we don’t have enough people to fill up the specialised jobs available. So we’ve got to train more and more professionals so they are qualified to take up such critical jobs. Another problem is that most companies are hiring the wrong set of talents for job openings. We need to list out the job criteria that make sense.
Do not hire someone who is a jack of all trades – he/she will always be a master of none. Companies need to ask these questions. Why do I need that certification? Why do I need 20 years of experience in cybersecurity? Why do I need expertise in a 10-year-old language that is going to be non-existent in the next couple of years? So I would say, companies need to start asking questions about their hiring rates, making sure they have the right talent for the right job.
I think there are multiple things we’ve got to do as an industry. We’ve got to educate more customers so they make sure they have the right people for the job. They need to understand that you do not require a Ph.D. to go configure a router or configure something on the network. You shouldn’t be spending months deploying software. It should be done in days not months. And that is exactly what Forcepoint One is tackling.
What is your take on the Zero Trust Framework?
So, I’ve been working on the Zero Trust concept for the past three years. The US government’s been using it extensively. And the way they started is, they started actually started using Zero Trust almost 10 years ago. Zero Trust is what security should have been from the beginning. Because you’re applying security and controls only to the data – so users need to only access what they need to. But there are multiple layers of security in Zero Trust.
There’s Zero Trust where we need user data. There’s Zero Trust where you need the device. And then there are applications. You want to make sure that the user, the device, and the application have access to data, but also ensure at the same time that any data that goes to those users and devices are authorised. So it’s in many ways, applying the concept of what’s known as least privilege to the data element, the device element, the application layer, and the user.
Do you offer certification programs for your channel partners?
Yes, we do offer certification programs to make sure channel partners are at the forefront of everything we do. We are also investing a lot to make sure this happens – in the last 18 to 24 months, we’ve doubled the size of our team here. We keep our training and certification programs simple, so when our certified partners go to a customer, they know what they are talking about in order to suggest solutions to solve their issues.
What were your learnings from last year and how are you using those to better your strategies for this year?
So, in January 2016, Forcepoint spun out of Raytheon. Even though we are now an independent company, Raytheon still uses our software and hence they are our customers. So, as soon as we went on our own, we got into an acquisition mode – buying technologies and companies that complemented our ecosystem of solutions.
Our strategy has always been to invest in new solutions that complement our existing set of solutions and offer a complete end-to-end solution. So today we are capable of integrating additional solutions such as RBI, CDR and ZT, and so on. So all of these are being offered as a bouquet of services through our management platform.
GISEC
ManageEngine @ GISEC Global 2025: AI, Quantum Computing, and Ransomware Form Part of Cybersecurity Outlook for 2025

As AI-powered attacks and quantum computing reshape the cyber threat landscape, organizations must rethink traditional defense strategies. In an exclusive interview, Sujoy Banerjee, Associate Director at ManageEngine, reveals how businesses can prepare for 2025’s most critical threats—from AI-generated phishing scams to quantum-decrypted ransomware (more…)
GISEC
Positive Technologies @ GISEC Global 2025: Demonstrating Cutting-Edge Cyber Threats and AI Defense Strategies

At GISEC Global 2025, Positive Technologies showcased live demonstrations of sophisticated hacking techniques while emphasising the growing role of AI in both cyber attacks and defense. In an exclusive interview with Security Review, Ilya Leonov, the Regional Director at Positive Technologies revealed insights about the Middle East’s evolving threat landscape, their work with regional governments, and why investing in human expertise remains critical despite advancing technologies (more…)
GISEC
Group-IB @ GISEC Global 2025: Tackling Evolving Cyber Threats with Localised Intelligence and AI

At this year’s GISEC Global, cybersecurity firm Group-IB showcased its expanding role in combating increasingly sophisticated cyber threats. In an exclusive interview with Security Review, Ashraf Koheil, the META Director of Business at Group-IB, discussed the company’s growing presence at GISEC, emerging cybercrime trends, and how their AI-powered threat intelligence platform is helping businesses and governments stay ahead of attackers (more…)
-
Cyber Security6 days ago
Dubai Hosts GISEC 2025, Driving Billion-Dollar Cyber Growth
-
Cyber Security5 days ago
GISEC 2025 Launches OT Security Conference Amid 49% Infrastructure Attack Surge
-
Cyber Security1 week ago
GISEC Global 2025: A Vital Platform to Connect With Customers and Partners in the Region
-
Cyber Security1 week ago
DESC to Highlight Dubai’s Cyber Defense Strategies as GISEC 2025 Government Partner
-
Cyber Security1 week ago
Inside the Shadowy World of Investment Scams: How Fraudsters Use Facebook and Fake News
-
Cyber Security1 week ago
Rising Cyber Insurance Pressures Push UAE Firms to Fix Identity Silos and AI Vulnerabilities
-
Cyber Security5 days ago
Huawei Experts Reiterate the Importance of a Unified Cybersecurity Foundation at GISEC Global 2025
-
Artificial Intelligence5 days ago
CyberKnight Partners with Ridge Security for AI-Powered Security Validation