In an era of rapid digital transformation, cybersecurity is no longer just about protecting a perimeter it’s about securing every identity. We sat down with Sathya P., Sales Director for Identity & Access Management (IAM) at Spire Solutions, a leader in cybersecurity for the Middle East and Africa (MEA). With decades of experience in the region, Sathya provides a unique perspective on the evolving threat landscape, the rise of Zero Trust architectures, and the pivotal role of AI in shaping the future of digital trust. In this exclusive interview, he shares key insights on what organizations must prioritize to stay ahead and why a strategic, identity-first approach is the new standard for resilience.
Q&A with P. Sathyamurthy
Q. From your vantage point as a Sales Director at Spire Solutions, what are the top 3 identity security priorities you’re hearing from your clients as they look to future-proof their organizations against emerging threats and evolving regulatory landscapes?
A. Besides IGA and PAM a still popular asks when it comes to clients Identity Security programs, I am witnessing a great demand on Zero Trust Identity Verification. Especially, with the recent announcement by UAE’s Central Bank asking banks to move away from traditional SMS & Email based OTP, to app-based authentication effective July 2025 and before conclusion of March 2026. With client’s maturity to move to “never trust, always verify”, and layering MFA, continuous risk-based assessment and adaptive access policies at every access request, ensuring that every user, device and session are continuously evaluated against real-time threat signals. I see these to be significant opportunities.
Q. Given your leadership experience in identity security and IAM, what’s been the most significant lesson you’ve learned about effectively leading teams and driving innovation particularly across culturally diverse teams in the Middle East?
A. I am in the region for over three decades, with focus around Identity & Access Management (IAM) past 17 years engaging with clients in various capacity as vendor, SI and VAD, across the Middle East, empathy is just not a soft skill—it is the fundamental of collaboration. Also, the longevity in the region has allowed me to understand the local customs, working style, and communication well. I have built credibility by continuous value creation; made people willing to share ideas and flag risks early. By small gestures, both internal and external clients see a great value collaborating with me. I believe when it comes to innovation it resonates well with the team’s values and experiences.
Q. How are you seeing organizations in the Middle East & Africa (MEA) region approach the adoption of zero-trust architectures and what unique challenges and opportunities do they face in implementing these frameworks compared to other regions?
A. I think with the significant adoption of Zero Trust in the GCC especially organizations the UAE and Saudi Arabia are outpacing. With Government-led digital initiatives and agenda, and rising use of AI-powered deepfakes, ransomware, and state-sponsored attacks in the region has elevated Zero Trust from “nice-to-have” to business imperative. Furthermore, I see other countries in the Middle East are accelerating in line with respective nations digital transformation strategy. Perhaps, countries in Africa, the Zero Trust adoption are subjective but growing rapidly, with cloud migration/cloud adoption is becoming a viable business strategy.
Q. AI is increasingly being used to enhance threat detection in identity systems. How can organizations leverage AI to effectively identify and respond to sophisticated identity-based attacks, and what are the potential pitfalls to avoid?
A. In order leverage AI for Identity-based threat detection, organizations can consider AI to move beyond static rules and signatures, unveiling subtle, evolving identity threats in real time. By combining advanced analytics with contextual intelligence, teams can spot anomalies, prioritize risk, and orchestrate automated responses to sophisticated attacks before they escalate. When it comes to potential pitfalls to avoid, be mindful of your AI as it might flag normal user actions as threats (false alarms). The attackers can feed bad data to weaken your detection models. While using personal data without proper controls can compromise regulations. Lastly, one of the most important aspects is cost to build and run AI-based detection requires expert resources, right tools, and ongoing services. Organizations need to partner with the right team.
Q. What role do you believe partnerships and collaborations play in fostering innovation and driving the adoption of advanced identity security solutions in the MEA region, and how is Spire Solutions engaging with technology alliances, Partners and Customers to achieve this?
A. In the rapidly evolving cybersecurity landscape, partnerships and collaborations serve as the catalyst for both innovation and widespread adoption of advanced identity security solutions in MEA. By leveraging the unique strengths of industry-leading technology partner solutions coupled with Spire Solutions expertise, system integrators, and end-customers, the ecosystem combines to deliver solutions and services that are both cutting-edge and regionally relevant. Through Spire’s presence at major regional exhibitions such as GITEX Global, GISEC, LEAP, Blackhat, webinars, workshops, etc., we accelerate customer confidence in adopting and growing their identity security journey. We also play a significant role helping organizations to stay a step ahead in today’s dynamic threat landscape.
Q. What is your vision for the future of digital trust in the Middle East & Africa, and what steps can organizations take to build and maintain that trust with their customers, partners and employees?
A. As MEA accelerate their digital transformation driven by AI, cloud and related adoption digital trust will become the cornerstone of economic growth and social inclusion. Organizations will be expected to embed cybersecurity as a strategic asset. A unified regulatory framework across markets will emerge, balancing agility with robust data protection to reduce fragmentation and shore up cross-border collaboration. To build and maintain digital trust, with clients, we need to adopt globally recognized digital trust frameworks (e.g., NIST) to demonstrate rigorous data governance and security practices. With partners, complement compliance protocols across authorities by engaging with regional regulators and industry associations to shape unified standards for data protection and AI ethics. Lastly to workforce, provide an ongoing training programs on cybersecurity hygiene, data-privacy best practices and ethical AI, ensuring everyone understands their role in upholding trust. Furthermore, by investing—cyber resilience, transparent governance, inclusive engagement and human-centric controls will position organizations in MEA to not only meet rising stakeholder expectations but to turn digital trust into a competitive advantage.
Q. What’s your perspective on how African enterprises, especially in fast-growing digital economies can leapfrog in identity security, and what foundational steps should CIOs prioritize?
A. Enterprises in Africa is fast-growing digital economies are uniquely positioned to leap in identity security. In my opinion, CIOs should prioritize in Identity-first security, adopting passwordless authentication/biometric authentication, integrating AI for threat detection, etc. As both human identities and non-human identities/machine identities are out numbering and exploding in growth, CIOs need to treat identity security as a strategic enabler rather than just a compliance checkbox.
Are you a tech leader driving change in Africa?
If you’re leading in cybersecurity, AI, or digital transformation across the continent, we’d love to share your story.
To be featured on CxOTrail, email us at editorial@cxotrail.co
