Speakers To Watch At Black Hat MEA 2025: Jerich Beason

The who's who of the global cybersecurity landscape is coming together in Saudi Arabia for the fourth edition of Black Hat MEA running from December 2-4, 2025 in Riyadh, with the event's speaker line-up including Jerich Beason, who currently serves as the Chief Information Security Officer (CISO) for a Fortune 200 organization.  

Beason, who has dedicated his career to establishing industry-leading cybersecurity programs aimed at safeguarding some of the most sensitive assets in the US, has held leadership positions at renowned companies, including Capital One, Lockheed Martin, RSA, and Deloitte. As an advisor to federal government executives and Fortune 500 organizations, he provides guidance on cybersecurity strategy, architecture, and program development, and serves as a board advisor to several cybersecurity startups. Additionally, Beason hosts the SANS Seat at the Table Live show, which aims to empower cybersecurity leaders with the skills needed to exert influence within the C-suite.  

In a conversation with Inc. Arabia, Beason reflects that far from being merely a technical department, today, cybersecurity must be regarded as a core component to the smooth functioning of all businesses. “The biggest misconception is that cybersecurity is a technical problem solved by technical people,” he tells us. “It's actually a business risk and leadership challenge that happens to have technical components. I still encounter executives who believe they can delegate security entirely to their CISO and check a box. But when a breach happens, it's the CEO on the news, the board answering to shareholders, and the business that loses trust. Security has to be a business conversation, not just an IT conversation.” 

Additionally, Beason notes that, with cyber threats on the rise, it is paramount for businesses not to equate compliance with security. “The second misconception is that if you follow a framework, whether it's National Institute of Standards and Technology, International Organization for Standardization, or Center for Internet Security, you're secure," he points out. "Compliance is not security. It's a baseline, but adversaries don't care about your audit results.”  

Commenting on the state of the industry today, Beason says that technologies like artificial intelligence (AI) are opening up space for innovation in the industry, with the biggest opportunities coming from the collision of identity and AI. “We've spent two decades perfecting authentication and proving you are who you say you are," he explains. "Now, we need to solve authorization in real time for non-human identities making decisions at machine speed. How do we govern an AI agent that can access dozens of systems, make purchasing decisions, and interact with customers all before a human can review what happened? The innovation will come from those who figure out how to maintain control without killing velocity.”  

At Black Hat MEA this year, Beason will deliver a session on one of the most overlooked endpoints in modern security architecture: the browser. Through his session, he will guide users on how to secure it as a critical endpoint as AI integration expands cyberattack surfaces. “Most security leaders have invested heavily in endpoint detection, identity management, and cloud security, but the browser sits at the intersection of all three, and we're treating it like it's still 2010,” he explains. “I'm exploring how the browser has evolved from a simple access tool into an intelligent assistant that reads our email, writes our documents, and increasingly acts on our behalf through AI capabilities. This creates entirely new attack surfaces from prompt injection to session hijacking to AI agents leaking data they were never supposed to access.” 

“Attendees should sit in because this isn't another, ‘here's a new threat,’ talk," Beason continues. "I'm providing a practical framework for how to actually address this and how to treat the browser like the critical endpoint it has become, how to set guardrails for AI-powered browsing, and how to build a security culture that embraces innovation instead of blocking it. The reality is that the next major breach won't come from a sophisticated zero-day exploit. It will come from something simple, a compromised browser extension, a hijacked session, or an AI agent that was given too much access and not enough oversight. If you're responsible for protecting your organization in 2025 and beyond, understanding this threat landscape isn't optional anymore.”  

Catch Beason at this year's edition of Black Hat MEA, the world’s largest gathering of cybersecurity professionals, taking place from 2-4 December, 2025, at the Riyadh Exhibition and Convention Center in Malham. Inc. Arabia is a Media Partner for Black Hat MEA; register to attend the event by clicking here. 

Pictured in the lead image is Jerich Beason. Image courtesy Jerich Beason.