Intelligent CIO Middle East Issue 112 | Page 59

CASE STUDY

GEMS Education is one of the oldest and largest K-12 private education providers in the world and a regarded choice for quality education in the Middle East and North Africa region . As a company founded in the UAE in 1959 , it holds a track record of providing diverse curricula and educational choices .

Every day , GEMS has the privilege of educating students from over 176 countries through its owned and managed schools globally . Students graduating from GEMS schools progress to the world ’ s best universities . Over the past five years , GEMS students have been accepted into over 1,050 universities in 53 countries including all eight Ivy League universities in the US and all 24 Russell Group universities and colleges in the UK .
Cyber threat landscape resources and rising digital adoption . Human error remains a significant vulnerability , with staff and students often falling prey to phishing and social engineering attacks due to insufficient awareness and training . The lack of robust information security policies further weakens defences , leaving institutions exposed to breaches .
With the emergence of AI , the risks are amplified , necessitating clear policies on AI ethics , data privacy , and responsible use .
“ Additionally , aging infrastructure , budget constraints , and a lack of cybersecurity expertise hinder proactive threat management , leaving the sector vulnerable to increasingly sophisticated attacks ,” says Ossama El Samadoni , General Manager , GBM Dubai .
The regional education sector faces critical cybersecurity challenges , exacerbated by limited
“ With the ever-increasing frequency and complexity of cyberthreats , the importance of cybersecurity in educational settings is growing exponentially . At GEMS Education , we are committed to safeguarding the data and privacy of our students and employees ,” says Suresh Bathrachalam , Senior Vice President Technology , GEMS Education .
The regional education sector is facing an increasingly complex threat landscape , driven by the widespread adoption of digital platforms , reliance on valuable data repositories , and often inadequate cybersecurity measures . Among the most pressing concerns are ransomware attacks , where attackers encrypt critical institutional data and demand payment for its release .
These attacks pose a severe risk , particularly for schools and universities that depend on uninterrupted access to learning management systems . Weak access controls and outdated systems only increase the likelihood of exploitation .
Phishing and social engineering tactics further exacerbate the problem . Cybercriminals exploit human vulnerabilities by using deceptive emails or messages to trick staff and students into sharing sensitive credentials or interacting with malicious links . In addition , data breaches are a significant concern , as personal information about students , parents , and faculty is a high-value target .
Another common threat is a distributed denial-ofservice , DDoS attack , which disrupts operations by targeting online classes , exams , and administrative systems , resulting in significant downtime . Additionally , supply chain attacks have emerged as a critical vulnerability , with threat actors leveraging weaknesses in third-party education software or IT providers to cause widespread disruption across multiple institutions .
Jason Fernandes , Vice President , Head of Tech Infra and Ops , GEMS Education
www . intelligentcio . com INTELLIGENTCIO MIDDLE EAST 59