Programme Overview
A two-day programme for IT and cybersecurity professionals, covering how AI is reshaping both the attack surface and the defender’s toolkit. It addresses AI as a productivity tool in IT operations and engineering, as a force-multiplier for security analysts and SOC teams, as a new class of risk introduced by adversaries, and as the organisation’s own AI adoption. Participants build practical skills with AI tools for scripting, log analysis, threat analysis and incident response, and learn to apply the requirements of the National Cybersecurity Authority (NCA) and SDAIA to AI-supported IT and security practice.
Learning Objectives
By the end of this programme, participants will be able to:
- Describe how AI is reshaping IT operations and cybersecurity, including emerging threat categories.
- Use AI tools for scripting, automation, log analysis, vulnerability triage and incident documentation.
- Apply AI to threat-intelligence synthesis, alert triage and incident response.
- Evaluate AI vendors in IT and security for technical fit, data handling and risk.
- Recognise and mitigate domain-specific AI risks, including prompt injection, model poisoning and data leakage.
- Apply the NCA’s Essential Cybersecurity Controls (ECC), SDAIA’s AI Ethics Principles and the PDPL to AI use in IT and security.
Programme Content & Modules
Day 1: The IT and cybersecurity landscape and AI in practice
How AI is reshaping IT operations, software engineering and cybersecurity. Defenders’ and attackers’ use of AI. Emerging AI-specific threat categories. The Saudi regulatory context, including the NCA’s Essential Cybersecurity Controls and sector-specific cybersecurity requirements.
Practical work with AI tools for scripting, log analysis, Infrastructure-as-Code (IaC) review, vulnerability triage and incident documentation. Prompt engineering for technical accuracy. A tour of AI-enhanced SOC, SIEM, EDR and SOAR platforms.
Day 2: AI-supported engineering and responsible practice
Using AI for alert triage, threat hunting, incident-timeline reconstruction and post-incident reporting. Working with AI coding assistants in secure environments. A group exercise on a realistic incident scenario supported by AI.
AI-specific threats and defences, including prompt injection, jailbreaks and data leakage through AI. Aligning the NCA’s Essential Cybersecurity Controls (ECC) with AI in IT. SDAIA’s AI Ethics Principles and the PDPL for operational data. Supply-chain risk in AI tools. Applied capstone project: each participant designs a responsible-AI-adoption plan for their IT or security function.
Suggested Duration
Two training days.
Target Audience & Prerequisites
Target audience: IT operations engineers, system administrators, DevOps and platform engineers, software developers, cybersecurity analysts, SOC analysts, incident responders, penetration testers and IT and security managers in government, banking, telecoms, energy and large enterprises.
Prerequisites: Practical experience in IT or cybersecurity. Scripting familiarity is helpful but not required. No prior background in AI is required, though those with programming experience will find additional depth in the practical work. A laptop is required for the hands-on sessions.
