In this interview, Ram Narayanan, Country Manager at Check Point Software Technologies, Middle East, explores the escalating risks of smart home devices and AI-driven cyberattacks in the UAE.
Why are most smart home devices still vulnerable despite basic security measures?
Most smart home devices are built with functionality and affordability in mind, but security is too often treated as an afterthought. Many lack strong authentication, secure firmware, or regular patching. Once compromised, these devices can provide attackers with a backdoor into wider networks. According to Check Point Software’s latest Threat Intelligence report, organizations in the UAE have faced an average of 1,952 attacks per week over the last six months, with Information Disclosure vulnerabilities affecting 70% of them in the last 30 days.
This underscores that even “low-risk” devices can open the door to systemic breaches and highlights the importance of AI-powered prevention and Hybrid Mesh Security, which extends protection from smart homes to enterprises and critical infrastructure.
How are cybercriminals using AI to launch advanced attacks — and how can AI fight back?
AI has fueled an arms race in cyber security. Attackers exploit generative AI to create hyper-realistic phishing campaigns, deploy deepfakes to impersonate executives and use malicious tools like WormGPT to automate malware creation. We also see adaptive malware that rewrites its code to bypass defenses, and AI reconnaissance that accelerates target profiling. Defenders, however, can fight back with the same technology.
At Check Point, AI is embedded across the Infinity Platform: ThreatCloud AI, powered by more than 50 engines, processes vast global intelligence to block 99.9% of new malware in real time, Quantum gateways secure networks, CloudGuard protects multi-cloud deployments, Harmony safeguard endpoints and SaaS, Infinity AI Copilot automates SOC workflows, and GenAI Protect prevents sensitive data leakage through public AI tools.
Together, these capabilities give organizations the resilience to stay ahead of AI-powered threats, shifting the balance from attackers to defenders.
What advanced steps can households and businesses take beyond passwords and updates?
Passwords and updates are a start, but far from enough. Households should segment their networks, placing IoT devices on separate Wi-Fi and enable multi-factor authentication where possible. For businesses, the stakes are higher. They must adopt Zero Trust principles, runtime protection on IoT devices, and virtual patching at the network layer.
Check Point’s IoT Protect Nano Agent secures devices even at the firmware level, mitigating risk from exploits like Remote Code Execution (impacting 62% of UAE organizations in the last 30 days) and Authentication Bypass (impacting 49% of UAE organizations in the last 30 days), according to Check Point Software’s latest Threat Intelligence report. This device-level defense, combined with Hybrid Mesh Security, ensures resilience across both consumer and enterprise environments.
What cybersecurity strategy needs to be adopted to counter AI-driven threats?
The key is to move from detection-first model to prevention-first. With AI-powered attacks, waiting for alerts is too late. A resilient strategy combines AI-driven prevention across every attack surface with human-AI collaboration. Check Point’s Hybrid Mesh Security architecture, delivered through the Infinity Platform, unifies defenses across networks, clouds, endpoints and SaaS apps. This stops zero-day exploits before they spread, adapts in real time and simplifies operations, ensuring consistent protection across distributed environments. It’s not about more alerts — it’s about smarter prevention.
How can manufacturers, providers, and regulators work together to secure smart devices?
Manufacturers must embed security by design—from secure firmware to regular update. Providers should strengthen network monitoring, anomaly detection and cloud security practices. Regulators play a key role by setting standards and certifications that enforce accountability.
For example, Check Point’s DESC certification in the UAE ensures that its Infinity Portal and SaaS services meet strict government security requirements, building trust for regulated sectors. When manufacturers, providers and regulators align, the result is a stronger ecosystem of devices that are secure by design, resilient in practice and compliant with evolving rules.
What risks do insecure smart devices pose to critical infrastructure and public safety?
Compromised IoT devices are often the weakest link into critical systems. Insecure cameras, routers, sensors can be hijacked to launch massive DDoS attacks, disrupt essential services, or enable lateral movement into sensitive networks. Threat intelligence shows that authentication bypass affects nearly half of UAE organizations, proving that vulnerabilities go beyond privacy, directly threatening public safety and critical infrastructure. AI-powered prevention, continuous monitoring and Hybrid Mesh Security are essential to close these gaps before attackers exploit them at scale.
How can consumer awareness be improved to reduce smart device vulnerabilities?
Consumers often see smart devices as appliances, forgetting they are connected computers with real risks. Awareness can improve through simple steps: changing default passwords, keeping devices updated and isolating IoT networks. Security labeling—like energy efficiency ratings—would also help consumers make informed choices.
Beyond this, joint public campaigns by regulators, service providers and vendors like Check Point can build a culture of cyber hygiene. Initiatives such as Check Point’s SecureAcademy, which partners with universities and institutions worldwide, raise awareness and train the next generation of professionals — ensuring long-term resilience against IoT and AI-driven threats.
