Middle East financial firms prioritise security for AI agents and supply chains

By Puja Sharma

As financial institutions across the Middle East increasingly adopt artificial intelligence (AI) agents for tasks ranging from customer service to fraud detection and risk management, securing these systems and their underlying supply chains has become a top priority. Banks, FinTechs, and other financial enterprises are exploring autonomous AI tools to streamline operations, improve decision-making, and enhance customer experiences. However, the rapid adoption of AI introduces new challenges around infrastructure readiness, workforce capabilities, and cybersecurity.

Cisco’s AI Readiness Index 2025 underscores that more than 90% of organisations in the UAE and Saudi Arabia plan to develop or deploy AI agents in the near future. This adoption reflects strong momentum in the financial sector, but it also underscores the growing need for robust security measures. AI agents, by design, interact with sensitive financial data and perform autonomous actions that could have significant operational or compliance implications if compromised.

A critical area of concern lies in the AI supply chain. Modern AI systems rely heavily on third-party and open-source components such as pre-trained models, datasets, and frameworks. While these assets accelerate innovation, they also introduce potential vulnerabilities. A single compromised model or dataset can expose financial institutions to risks including code execution attacks, sensitive data leaks, and other security breaches. For organisations operating in highly regulated sectors such as banking and insurance, such vulnerabilities could have far-reaching consequences.

In addition to supply chain risks, AI applications in production face a variety of runtime threats. Prompt injections, data leakage, denial of service attacks, and the generation of unintended harmful outputs are among the potential challenges. The emergence of agentic AI and multi-agent systems adds further complexity. These systems may have autonomous decision-making capabilities, interact with multiple enterprise tools, and handle sensitive customer data, increasing the attack surface. Without proper safeguards, these interactions could lead to operational disruptions or breaches of regulatory requirements.

Financial institutions are therefore prioritising multi-layered AI security strategies. These include scanning AI models and repositories for vulnerabilities before deployment, implementing runtime protections to monitor interactions and prevent malicious behavior, and enforcing strict controls around agent access to sensitive systems. Organisations are also investing in staff training and governance frameworks to ensure that AI initiatives are aligned with regulatory expectations and risk management protocols.

Fady Younes, Managing Director for Cybersecurity at Cisco Middle East, Türkiye, Africa and Romania, said, “As AI agents move from experimentation to real-world deployment across the Middle East, organisations are facing new security considerations. From the third-party components used to build AI systems, to how autonomous agents interact with data and tools, securing the full AI lifecycle is becoming increasingly important for maintaining digital trust and resilience.”

Looking ahead, Middle East financial institutions are expected to continue expanding AI adoption, particularly in areas such as digital banking, credit risk assessment, anti-money laundering, and personalised financial advisory services. Ensuring that AI agents and their supply chains are secure will remain a key determinant of success. By adopting proactive security measures and monitoring frameworks, banks and FinTechs can build resilient AI systems that support innovation, maintain compliance, and safeguard customer trust.

As the region’s financial sector continues to embrace AI, a focus on security, governance, and risk management will be essential to fully realise the potential of intelligent, autonomous systems.