{"id":115655,"date":"2026-06-10T05:59:31","date_gmt":"2026-06-10T05:59:31","guid":{"rendered":"https:\/\/enterpriseam.com\/menaplus\/?p=115655"},"modified":"2026-06-11T11:12:48","modified_gmt":"2026-06-11T11:12:48","slug":"why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena","status":"publish","type":"post","link":"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/","title":{"rendered":"Why cyber resilience is now a non-negotiable fixed cost for the banking sector in MENA+"},"content":{"rendered":"\n<p><strong>Resilience is a newly critical fixed cost in banking \u2014 and not every bank will be able to pay <\/strong><strong>it.<\/strong> That\u2019s the blunt assessment of Mashreq Group Chief Information Security Officer Olivier Busolini, whose bank responded to March\u2019s attacks by re-architecting for a scenario the Gulf\u2019s risk models never priced in: The UAE itself going dark.<\/p>\n\n\n\n<p><strong>The digital-first bank is re-architecting its cloud to fail over to regions outside the Gulf<\/strong>, treating geographic redundancy as a core control rather than a nice-to-have \u2014 and, pending regulatory approval, preparing to hold backup copies of critical data in Europe and Asia. The lesson of March, Busolini says, is that same-region redundancy protects you from a data center failure, not from a war.&nbsp;<\/p>\n\n\n\n<p><strong>When we mapped last month <\/strong><a href=\"https:\/\/enterpriseam.com\/menaplus\/2026\/05\/01\/how-geopolitical-volatility-and-ai-are-reshaping-regional-cybersecurity\/\"><strong>{how geopolitical volatility and AI are reshaping regional <\/strong><strong>cybersecurity}<\/strong><\/a>, we argued that the convergence of physical conflict and digital attacks was breaking the old corporate risk models. Mashreq\u2019s playbook shows what replacing them looks like in practice.&nbsp;<\/p>\n\n\n\n<p><strong>Among the key takeaways<\/strong>, Busolini walks us through:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>How the definition of resilience has shifted from \u201ccan we recover?\u201d to \u201ccan we continue operating?\u201d<\/li>\n\n\n\n<li>How the bank is looking for regulatory approval to move key backups outside our region;<\/li>\n\n\n\n<li>Why its expansions in Egypt and Pakistan are built as sealed, digitally sovereign compartments to hedge against the possibility of a breach in one market cascading to others;<\/li>\n\n\n\n<li>What a \u201cminimum viable bank\u201d costs to keep standing<\/li>\n\n\n\n<li>What the cost of additional resilience could mean to smaller lenders;<\/li>\n\n\n\n<li>And the three ways he convinces other execs and boards to think through wartime investment in capex on cybersecurity.<\/li>\n<\/ul>\n\n\n\n<p><strong>EnterpriseAM: Iranian strikes took down data centers in the UAE and Bahrain, at least <\/strong><strong>two of which have never recovered. How did that change how you think about resilience and being cloud-first?<\/strong><\/p>\n\n\n\n<p><strong>Olivier Busolini: The events of March did not reverse Mashreq\u2019s cloud\u2011first strategy, but <\/strong><strong>they materially refined how cloud resilience is defined and engineered<\/strong>. Our internal decisions shifted away from assuming that same\u2011region redundancy provides sufficient resilience during geopolitical escalation. Same-region redundancy protects against data\u2011center failures, not regional or geopolitical outages.<strong> <\/strong>As a result, the strategic response has focused on re\u2011architecting for geographic\u2011independent failover.&nbsp;<\/p>\n\n\n\n<p><strong>Core banking and ledger platforms remain on hardened, regulator-approved on\u2011premise <\/strong><strong>environments<\/strong>, consistent with existing regulatory and operational models, as reflected in Mashreq\u2019s resilience plans. At the same time, we\u2019re redesigning cloud\u2011based systems toward primary-secondary or active-active multi\u2011region models, including regions outside the Gulf, to reduce the shared geopolitical blast radius.&nbsp;<\/p>\n\n\n\n<p>[These are two different ways of running backup systems across different geographies to ensure a bank stays online. A primary-secondary model works like a main computer and a standby backup: If a crisis knocks-out the main region, the bank has to flip a switch to wake up the secondary region and take over. An active-active model works like a multi-engine airplane: Both regions are fully awake and processing live customer data simultaneously.]&nbsp;<\/p>\n\n\n\n<p><strong>Selective externalization is the name of the game. This means backups and archives <\/strong><strong>migrating to Europe or Asia<\/strong> for cyber and regional\u2011outage resilience. It also means cross\u2011region designs for cloud security and monitoring platforms, specifically to remain operational if UAE regions are unavailable. We\u2019re in the design phase and, in some cases, have prepared plans that are pending regulatory approval.&nbsp;<\/p>\n\n\n\n<p><strong>This doesn\u2019t mean relocating the bank, but ensuring cognitive continuity<\/strong>, as in the ability for monitoring, decision\u2011making, data recovery, and command\u2011and\u2011control during regional disruption. We\u2019re positioning this as \u2018cloud maturity,\u2019 not \u2018cloud retreat\u2019 \u2014 it\u2019s not about \u201cCan we recover?\u201d but \u201cHow can we continue operating?\u201d<\/p>\n\n\n\n<p><strong>EnterpriseAM: We reported on an 8x surge in DDoS attacks in March. Is your intelligence <\/strong><strong>team see any signs of the use of adaptive AI bots \u2014 specifically, those that can autonomously change their traffic signatures or attack tactics once they\u2019re throttled by your defenses?<\/strong><\/p>\n\n\n\n<p><strong>OB: We haven\u2019t seen confirmed evidence of fully autonomous, self\u2011adapting AI botnets <\/strong><strong>dynamically mutating attack signatures in real time.<\/strong> The March DDoS surge was predominantly driven by hacktivist\u2011style DDoS campaigns characterized by high volume, rapid coordination across groups, and sustained, rolling attacks across multiple days and geographies.&nbsp;<\/p>\n\n\n\n<p><strong>The dominant behavior was human\u2011directed adaptation, not autonomous AI adaptation.&nbsp; <\/strong>The human behavior pattern included manual switching, HTTP floods, and application\u2011layer pressure, as in re\u2011targeting banks and public\u2011facing portals as defenses were activated. Those attacks were loud, visible, and symbolic, rather than stealth\u2011driven. While fully autonomous adaptive botnets have not been observed, we\u2019re acutely aware \u2014 through external advisories \u2014 that AI\u2011accelerated offensive capabilities are emerging, particularly in exploit discovery and chaining, rather than DDoS traffic shaping itself. Current data shows limited evidence of APT\u2011level, destructive tooling.<\/p>\n\n\n\n<p><strong>EnterpriseAM: Are you seeing any evidence that these big, noisy DDoS attacks are being <\/strong><strong>used to overwhelm security teams while AI-assisted tools perform surgical, quiet data exfiltration in the background?<\/strong><\/p>\n\n\n\n<p><strong>OB:<\/strong> We considered this hypothesis, but found no confirmed evidence during the March events that DDoS activity was successfully used to mask simultaneous stealthy data exfiltration. The observed activity remained noisy end\u2011to\u2011end. Our detection did not show indicators of stealthy lateral movement, data staging, or exfiltration. The primary risk observed was availability and reputational impact rather than deep, stealthy compromise at this stage.<strong> <\/strong>Where quiet compromise has occurred regionally outside Mashreq, it involved, as per our understanding, mobile device management environments, or supply\u2011chain or third\u2011party control planes.<\/p>\n\n\n\n<p><strong>EnterpriseAM: In your last annual report, Mashreq highlighted \u201coperational resilience\u201d as <\/strong><strong>a core pillar. Did the March attacks change the way you think about what that means?&nbsp;<\/strong><\/p>\n\n\n\n<p><strong>OB: Yes \u2014 the definition of operational resilience has demonstrably expanded.<\/strong> We\u2019re still thinking through a cyber\u2011availability lens (DDoS, software redundancy, local disaster recovery) but we\u2019re also thinking about what we call a broader \u201cgeo\u2011physical\u2011operational\u201d model.<\/p>\n\n\n\n<p><strong>Geographic redundancy is now a must-have, not an optional enhancement.<\/strong> This includes backups outside the UAE in locations such as Europe for selected cloud and SaaS platforms \u2014 subject to regulatory approval, of course. Regional outages are now credible threats, not edge cases. Resilience discussions now integrate physical, connectivity, vendor, and staffing concentration risks, alongside cyber threats.&nbsp;<\/p>\n\n\n\n<p><strong>But this doesn\u2019t mean a blanket policy to move workloads out of the Gulf during <\/strong><strong>escalation. <\/strong>Certain functions are explicitly documented as UAE\u2011anchored due to regulatory or physical dependencies and must be made resilient in place rather than relocated.&nbsp;<\/p>\n\n\n\n<p><strong>EnterpriseAM: You\u2019re growing quickly in Egypt with both the Egyptian banking arm and <\/strong><strong>with key back-office functions being carried out there for the group. <\/strong>And you have a full digital license in Pakistan. How do you ensure that a threat in Egypt or Pakistan doesn\u2019t spread to other operations?<\/p>\n\n\n\n<p><strong>OB:<\/strong> We treat expansion markets as digitally sovereign compartments so that lateral privilege into the UAE core is deliberately engineered out. We don\u2019t want to see a breach in one geography cascade to others. All of our key controls are designed with this in mind.&nbsp;<\/p>\n\n\n\n<p><strong>EnterpriseAM: Beyond Mashreq\u2019s own internal infrastructure, where do you see the most <\/strong><strong>significant systemic risk?&nbsp;<\/strong><\/p>\n\n\n\n<p><strong>OB<\/strong>:<strong> The largest risks here are not isolated attacks, but shared dependencies where many institutions fail at once<\/strong> \u2014&nbsp;there\u2019s simply a massive amount of shared\u2011infrastructure risks \u2014&nbsp;risks outside Mashreq\u2019s unilateral control \u2014&nbsp;that we need to think through and mitigate. This means hedging against single-provider dependency risk, even with multi availability zones designs. It also means hedging against domestic telco concentration, where connectivity, payments, and remote operations during crisis scenarios could be impacted.<br><strong>Our internal resilience plans also address exposure across national payments infrastructure<\/strong> or SWIFT and correspondent banking connectivity, etc. Third\u2011Party SaaS used for security monitoring, collaboration or crisis communication. We\u2019re evaluating them now not just for availability, but for jurisdiction, data residency, and survivability during geopolitical escalation.<\/p>\n\n\n\n<p><strong>EnterpriseAM: Our reporting suggests that defending against cyber risk is going to get <\/strong><strong>more and more expensive. How do you make the case to leadership for a wartime boost in capex?&nbsp;<\/strong><\/p>\n\n\n\n<p><strong>OB:<\/strong> We\u2019re not justifying hardening as a security upgrade, but as a core business\u2011continuity and franchise\u2011protection investment. We presented that to our executive committee and the board of directors in explicitly economic terms.&nbsp;<\/p>\n\n\n\n<p><strong>EnterpriseAM: How should other institutions think through the capex piece?<\/strong><\/p>\n\n\n\n<p><strong>OB: We used three principles that we think are widely applicable. <\/strong>First, we defined what a \u201cminimum viable bank\u201d looked like and set out to deliver that, not maximum fortification. That means ensuring the bank can continue operating a critical subset of services. In our case, that meant core ledgers, payment, treasury, and regulatory reporting systems and essential security, identity, and data\u2011preservation capabilities \u2014&nbsp;not full operations.&nbsp;<\/p>\n\n\n\n<p><strong>You also want to see those investments be \u201creversible\u201d where possible. <\/strong>Think about temporary cross\u2011region data copies, additional cloud capacity, and backup preservation.&nbsp;<\/p>\n\n\n\n<p><strong>And when you\u2019re making your case, always set out the cost of prevention in the context <\/strong><strong>of the cost of outage. <\/strong>Spending on resilience is easy to quantify \u2014&nbsp;the cost of regulatory exposure, inability to clear payments or meet obligations, and long\u2011tail reputational harm are existential. This isn\u2019t about incremental IT spend, it\u2019s about reputation and delivering on our promises.&nbsp;<\/p>\n\n\n\n<p><strong>EnterpriseAM: Can smaller banks with higher cost bases keep pace?&nbsp;&nbsp;<\/strong><\/p>\n\n\n\n<p><strong>OB:<\/strong> Resilience is becoming a fixed cost of banking, not a competitive feature \u2014 institutions with scale can amortize it; others must compromise. Smaller institutions with higher cost bases may struggle to justify irreversible capex and be forced toward shared utilities, outsourcing, or lighter \u201ccompliance\u2011minimum\u201d resilience. This creates a structural resilience gap rather than a skill gap.<\/p>\n\n\n\n\n","protected":false},"excerpt":{"rendered":"<p>Resilience is a newly critical fixed cost in banking \u2014 and not every bank will be able to pay it. That\u2019s the blunt assessment of Mashreq Group Chief Information Security Officer Olivier Busolini, whose bank responded to March\u2019s attacks by re-architecting for a scenario the Gulf\u2019s risk models never priced in: The UAE itself going [&hellip;]<\/p>\n","protected":false},"author":64,"featured_media":115659,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"newspack_ads_suppress_ads":false,"newspack_popups_has_disabled_popups":false,"newspack_sponsor_sponsorship_scope":"","newspack_sponsor_native_byline_display":"inherit","newspack_sponsor_native_category_display":"inherit","newspack_sponsor_underwriter_style":"inherit","newspack_sponsor_underwriter_placement":"inherit","ep_exclude_from_search":false,"_primary_brand":0,"newspack_featured_image_position":"","newspack_post_subtitle":"March rewrote the Gulf\u2019s cyber risk models \u2014 Mashreq\u2019s chief information security officer walks us through the new playbook that CEOs and CTOs need to know","newspack_article_summary_title":"Overview:","newspack_article_summary":"","newspack_hide_updated_date":false,"newspack_show_updated_date":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[2789],"tags":[2923],"brand":[],"newspack_spnsrs_tax":[],"class_list":["post-115655","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ai-innovation","tag-cybersecurity","wpautop","entry"],"acf":{"photo_url":"","photo_link":"","photo_position":"above","related_issue":"","teaser":"","story_type":"1","is_powered_by":false,"related_sponsor":"","voice_url":"","homepage_title":"","full_issue_title":"","mongo_id":"","en_translation_ref_id":"","section_story_id":"","order":""},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.1 (Yoast SEO v27.1.1) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Why cyber resilience is now a non-negotiable fixed cost for the banking sector in MENA+ - MENA+ Edition<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Why cyber resilience is now a non-negotiable fixed cost for the banking sector in MENA+\" \/>\n<meta property=\"og:description\" content=\"Resilience is a newly critical fixed cost in banking \u2014 and not every bank will be able to pay it. That\u2019s the blunt assessment of Mashreq Group Chief Information Security Officer Olivier Busolini, whose bank responded to March\u2019s attacks by re-architecting for a scenario the Gulf\u2019s risk models never priced in: The UAE itself going [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/\" \/>\n<meta property=\"og:site_name\" content=\"MENA+ Edition\" \/>\n<meta property=\"article:published_time\" content=\"2026-06-10T05:59:31+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-06-11T11:12:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i0.wp.com\/ent.news\/internal\/115659.jpg?fit=%2C&ssl=1\" \/><meta property=\"og:image\" content=\"https:\/\/ent.news\/internal\/115659.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1\" \/>\n\t<meta property=\"og:image:height\" content=\"1\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"patrick\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"patrick\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/\"},\"author\":{\"name\":\"patrick\",\"@id\":\"https:\/\/enterpriseam.com\/menaplus\/#\/schema\/person\/4a1dbbc476814f0745451b587ce478d5\"},\"headline\":\"Why cyber resilience is now a non-negotiable fixed cost for the banking sector in MENA+\",\"datePublished\":\"2026-06-10T05:59:31+00:00\",\"dateModified\":\"2026-06-11T11:12:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/\"},\"wordCount\":1660,\"publisher\":{\"@id\":\"https:\/\/enterpriseam.com\/menaplus\/#organization\"},\"image\":{\"@id\":\"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/i0.wp.com\/ent.news\/internal\/115659.jpg?fit=%2C&ssl=1\",\"keywords\":[\"Cybersecurity\"],\"articleSection\":[\"AI + INNOVATION\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/\",\"url\":\"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/\",\"name\":\"Why cyber resilience is now a non-negotiable fixed cost for the banking sector in MENA+ - MENA+ Edition\",\"isPartOf\":{\"@id\":\"https:\/\/enterpriseam.com\/menaplus\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/i0.wp.com\/ent.news\/internal\/115659.jpg?fit=%2C&ssl=1\",\"datePublished\":\"2026-06-10T05:59:31+00:00\",\"dateModified\":\"2026-06-11T11:12:48+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/#primaryimage\",\"url\":\"https:\/\/i0.wp.com\/ent.news\/internal\/115659.jpg?fit=%2C&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/ent.news\/internal\/115659.jpg?fit=%2C&ssl=1\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/enterpriseam.com\/menaplus\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Why cyber resilience is now a non-negotiable fixed cost for the banking sector in MENA+\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/enterpriseam.com\/menaplus\/#website\",\"url\":\"https:\/\/enterpriseam.com\/menaplus\/\",\"name\":\"MENA+ Edition\",\"description\":\"MENA+ Edition\",\"publisher\":{\"@id\":\"https:\/\/enterpriseam.com\/menaplus\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/enterpriseam.com\/menaplus\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/enterpriseam.com\/menaplus\/#organization\",\"name\":\"MENA+ Edition\",\"url\":\"https:\/\/enterpriseam.com\/menaplus\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/enterpriseam.com\/menaplus\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/ent.news\/internal\/42998.svg\",\"contentUrl\":\"https:\/\/ent.news\/internal\/42998.svg\",\"caption\":\"MENA+ Edition\"},\"image\":{\"@id\":\"https:\/\/enterpriseam.com\/menaplus\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/enterpriseam.com\/menaplus\/#\/schema\/person\/4a1dbbc476814f0745451b587ce478d5\",\"name\":\"patrick\",\"url\":\"https:\/\/enterpriseam.com\/menaplus\/author\/patrick\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Why cyber resilience is now a non-negotiable fixed cost for the banking sector in MENA+ - MENA+ Edition","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/","og_locale":"en_US","og_type":"article","og_title":"Why cyber resilience is now a non-negotiable fixed cost for the banking sector in MENA+","og_description":"Resilience is a newly critical fixed cost in banking \u2014 and not every bank will be able to pay it. That\u2019s the blunt assessment of Mashreq Group Chief Information Security Officer Olivier Busolini, whose bank responded to March\u2019s attacks by re-architecting for a scenario the Gulf\u2019s risk models never priced in: The UAE itself going [&hellip;]","og_url":"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/","og_site_name":"MENA+ Edition","article_published_time":"2026-06-10T05:59:31+00:00","article_modified_time":"2026-06-11T11:12:48+00:00","og_image":[{"url":"https:\/\/i0.wp.com\/ent.news\/internal\/115659.jpg?fit=%2C&ssl=1","type":"","width":"","height":""},{"url":"https:\/\/ent.news\/internal\/115659.jpg","width":1,"height":1,"type":"image\/jpeg"}],"author":"patrick","twitter_card":"summary_large_image","twitter_misc":{"Written by":"patrick","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/#article","isPartOf":{"@id":"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/"},"author":{"name":"patrick","@id":"https:\/\/enterpriseam.com\/menaplus\/#\/schema\/person\/4a1dbbc476814f0745451b587ce478d5"},"headline":"Why cyber resilience is now a non-negotiable fixed cost for the banking sector in MENA+","datePublished":"2026-06-10T05:59:31+00:00","dateModified":"2026-06-11T11:12:48+00:00","mainEntityOfPage":{"@id":"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/"},"wordCount":1660,"publisher":{"@id":"https:\/\/enterpriseam.com\/menaplus\/#organization"},"image":{"@id":"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/ent.news\/internal\/115659.jpg?fit=%2C&ssl=1","keywords":["Cybersecurity"],"articleSection":["AI + INNOVATION"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/","url":"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/","name":"Why cyber resilience is now a non-negotiable fixed cost for the banking sector in MENA+ - MENA+ Edition","isPartOf":{"@id":"https:\/\/enterpriseam.com\/menaplus\/#website"},"primaryImageOfPage":{"@id":"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/#primaryimage"},"image":{"@id":"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/ent.news\/internal\/115659.jpg?fit=%2C&ssl=1","datePublished":"2026-06-10T05:59:31+00:00","dateModified":"2026-06-11T11:12:48+00:00","breadcrumb":{"@id":"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/#primaryimage","url":"https:\/\/i0.wp.com\/ent.news\/internal\/115659.jpg?fit=%2C&ssl=1","contentUrl":"https:\/\/i0.wp.com\/ent.news\/internal\/115659.jpg?fit=%2C&ssl=1"},{"@type":"BreadcrumbList","@id":"https:\/\/enterpriseam.com\/menaplus\/2026\/06\/10\/why-cyber-resilience-is-now-a-non-negotiable-fixed-cost-for-the-banking-sector-in-mena\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/enterpriseam.com\/menaplus\/"},{"@type":"ListItem","position":2,"name":"Why cyber resilience is now a non-negotiable fixed cost for the banking sector in MENA+"}]},{"@type":"WebSite","@id":"https:\/\/enterpriseam.com\/menaplus\/#website","url":"https:\/\/enterpriseam.com\/menaplus\/","name":"MENA+ Edition","description":"MENA+ Edition","publisher":{"@id":"https:\/\/enterpriseam.com\/menaplus\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/enterpriseam.com\/menaplus\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/enterpriseam.com\/menaplus\/#organization","name":"MENA+ Edition","url":"https:\/\/enterpriseam.com\/menaplus\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/enterpriseam.com\/menaplus\/#\/schema\/logo\/image\/","url":"https:\/\/ent.news\/internal\/42998.svg","contentUrl":"https:\/\/ent.news\/internal\/42998.svg","caption":"MENA+ Edition"},"image":{"@id":"https:\/\/enterpriseam.com\/menaplus\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/enterpriseam.com\/menaplus\/#\/schema\/person\/4a1dbbc476814f0745451b587ce478d5","name":"patrick","url":"https:\/\/enterpriseam.com\/menaplus\/author\/patrick\/"}]}},"featured_image_src":"https:\/\/i0.wp.com\/ent.news\/internal\/115659.jpg?ssl=1","featured_image_src_square":"https:\/\/i0.wp.com\/ent.news\/internal\/115659.jpg?ssl=1","author_info":{"display_name":"patrick","author_link":"https:\/\/enterpriseam.com\/menaplus\/author\/patrick\/"},"jetpack_featured_media_url":"https:\/\/i0.wp.com\/ent.news\/internal\/115659.jpg?fit=%2C&ssl=1","jetpack_sharing_enabled":true,"jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/enterpriseam.com\/menaplus\/wp-json\/wp\/v2\/posts\/115655","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/enterpriseam.com\/menaplus\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/enterpriseam.com\/menaplus\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/enterpriseam.com\/menaplus\/wp-json\/wp\/v2\/users\/64"}],"replies":[{"embeddable":true,"href":"https:\/\/enterpriseam.com\/menaplus\/wp-json\/wp\/v2\/comments?post=115655"}],"version-history":[{"count":6,"href":"https:\/\/enterpriseam.com\/menaplus\/wp-json\/wp\/v2\/posts\/115655\/revisions"}],"predecessor-version":[{"id":115729,"href":"https:\/\/enterpriseam.com\/menaplus\/wp-json\/wp\/v2\/posts\/115655\/revisions\/115729"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/enterpriseam.com\/menaplus\/wp-json\/wp\/v2\/media\/115659"}],"wp:attachment":[{"href":"https:\/\/enterpriseam.com\/menaplus\/wp-json\/wp\/v2\/media?parent=115655"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/enterpriseam.com\/menaplus\/wp-json\/wp\/v2\/categories?post=115655"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/enterpriseam.com\/menaplus\/wp-json\/wp\/v2\/tags?post=115655"},{"taxonomy":"brand","embeddable":true,"href":"https:\/\/enterpriseam.com\/menaplus\/wp-json\/wp\/v2\/brand?post=115655"},{"taxonomy":"newspack_spnsrs_tax","embeddable":true,"href":"https:\/\/enterpriseam.com\/menaplus\/wp-json\/wp\/v2\/newspack_spnsrs_tax?post=115655"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}