peshkov - stock.adobe.com

How AI is pushing cyber resilience up GCC energy boardroom agendas

TXOne Networks CEO Terence Liu says AI is transforming both industrial operations and cyber threats, forcing GCC energy operators to prioritise visibility, operational control and resilience as critical infrastructure becomes increasingly interconnected

As Gulf countries accelerate investments in energy diversification, industrial digitisation and critical infrastructure, cyber security strategies are evolving beyond traditional perimeter defence towards operational resilience.

According to Terence Liu, CEO of TXOne Networks, the rapid adoption of artificial intelligence (AI) across industrial environments is fundamentally changing how energy operators in the Gulf Cooperation Council (GCC) must manage cyber risk.

“The question is no longer simply whether organisations can defend against more attacks,” Liu says. “It is whether they can maintain the understanding and control required to keep critical services running when attacks evolve faster than traditional operational processes were designed to handle.”

Across the region, national transformation programmes are connecting operational technology (OT), cloud platforms, enterprise systems and remote engineering environments at unprecedented scale. While these initiatives enable predictive maintenance, greater efficiency and faster decision-making, they are also expanding industrial attack surfaces.

Liu argues that the biggest challenge facing energy operators is no longer cyber security alone, but managing the growing complexity of modern industrial environments. “Industrial systems were historically designed around stability and predictability. Today, production environments interact with cloud platforms, remote engineers, equipment manufacturers and third-party service providers. Organisations are becoming better at deploying technology than at simplifying it,” he adds.

AI is accelerating the cyber arms race

Artificial intelligence is simultaneously strengthening industrial operations and empowering attackers. Generative AI (GenAI) and autonomous reasoning tools are significantly reducing the time required to discover vulnerabilities, develop exploits and adapt attacks, increasing pressure on organisations that already struggle to patch legacy operational technology.

Unlike conventional IT infrastructure, many industrial control systems remain in service for decades and cannot simply be upgraded without risking operational disruption.

“Many operational assets cannot be patched or replaced on modern IT timelines,” Liu explains. “Even today, security teams often identify vulnerabilities faster than operational teams can safely remediate them. As AI accelerates vulnerability discovery, that gap will only widen.”

Rather than attempting to eliminate every vulnerability, Liu believes organisations must adopt a more risk-based approach. “The strategic challenge is reducing operational risk faster than attackers can exploit it,” he says. “The conversation shifts from finding every problem to making measurable progress against the risks that matter most.”

Visibility alone is no longer enough

For critical infrastructure operators, comprehensive asset visibility has become a prerequisite for resilience. However, Liu believes visibility without operational control offers only limited protection.

“Visibility tells organisations where assets exist, where vulnerabilities are present and where abnormal behaviour is occurring. But visibility alone does not create progress. Progress requires control, the ability to prioritise critical assets, strengthen protection and take action without disrupting operations.”

This is particularly relevant across the GCC, where modern digital platforms increasingly coexist alongside ageing industrial infrastructure that remains essential to daily operations.

“Most organisations are building the future while simultaneously operating the past. The challenge is ensuring that modernisation does not outpace operational understanding,” Liu adds.

Operational resilience becomes an executive priority

The shift is also changing how cyber risk is discussed inside organisations. Historically viewed as an engineering or IT responsibility, operational resilience is increasingly becoming a board-level issue as cyber incidents threaten production, supply chains, regulatory compliance and corporate reputation.

“A significant operational disruption extends far beyond the plant floor,” Liu said. “Executive leadership teams can no longer treat operational resilience as a downstream technical matter.”

Headshot of Terence Liu.

“The strategic challenge is reducing operational risk faster than attackers can exploit it”

Terence Liu, TXOne Networks

According to findings from TXOne Networks’ Energy Operators Challenges 2026 research, organisations across the GCC are increasingly influenced by regulatory requirements, national strategic priorities and greater executive accountability for operational continuity.

Rather than focusing solely on threat detection, boards are now asking whether organisations can continuously reduce operational risk while maintaining business continuity.

Looking ahead, Liu expects AI to play a larger defensive role inside industrial environments. Rather than simply identifying threats, AI will increasingly help operators understand complex operational dependencies, prioritise critical assets and recommend protection strategies that minimise disruption.

He also sees significant potential for sovereign AI initiatives and locally developed small language models tailored to regional industrial environments. “The future is not simply AI versus humans. It is trusted operational AI, guided by human expertise, defending against malicious AI.”

As governments across the GCC continue investing in digital transformation and critical infrastructure, Liu believes competitive advantage will increasingly depend on operational understanding rather than technology deployment alone.

“The organisations that lead the next phase of the GCC’s energy transformation will not necessarily be those deploying the greatest number of technologies. They will be the ones that combine visibility, operational control and trusted AI to build resilient industrial operations.”

Read more about cyber security

Read more on Information technology (IT) in the Middle East