Six million students will start learning artificial intelligence in Saudi Arabia’s classrooms when the 2025-2026 academic year begins. The Kingdom aims to develop 20,000 AI specialists by 2030, with 779,000 citizens already trained and 9,775 reaching specialist level.
On Tuesday, EC-Council rolled out four new AI security certifications designed to turn that momentum into job-ready credentials.
The cybersecurity training giant announced the Enterprise AI Credential Suite from Riyadh on 11th February, marking its largest portfolio expansion in 25 years. The launch comes as Gulf states pour resources into AI-driven infrastructure whilst grappling with a stubborn reality: production AI systems are scaling faster than the security workforce trained to defend them.
“Vision 2030 has set an ambitious direction for national AI capability, and similar momentum is building across the GCC,” said Jay Bavisi, Group President at EC-Council. “The next step is turning that ambition into role-ready skills so professionals and organisations can adopt AI responsibly, defend it under real conditions, and govern it with accountability as AI becomes part of everyday operations.”
The gap matters because Gulf organisations have moved past pilot projects. AI now runs through finance operations, energy grids, healthcare systems, and government services—environments where prompt injection attacks, data poisoning, and model exploitation carry consequences beyond lab settings. Saudi Arabia’s National Strategy for Data and AI (NSDAI) targets 40% of the national workforce for basic AI literacy, creating demand for professionals who understand how intelligent systems fail under pressure.
EC-Council’s approach splits credentials across three operational pillars: Adopt, Defend, Govern. The framework maps to how enterprises actually deploy AI at scale, not how they discuss it in strategy documents.
Artificial Intelligence Essentials (AIE) establishes baseline literacy across roles. Certified AI Programme Manager (CAIPM) focuses on translating strategy into execution, aligning teams and governance to deliver measurable returns. Certified Offensive AI Security Professional (COASP) trains specialists to test vulnerabilities in large language models, simulate exploits, and harden AI infrastructure against emerging threats. Certified Responsible AI Governance & Ethics Professional (CRAGE) tackles enterprise-scale compliance with NIST and ISO frameworks.
Alongside the four AI credentials, EC-Council launched Certified CISO v4, overhauling its executive cyber leadership programme for environments where systems learn, adapt, and influence outcomes without waiting for human approval.
“Security leaders are now accountable for systems that learn, adapt, and influence outcomes at speed,” Bavisi added. “Certified CISO v4 prepares leaders to manage AI-driven risk with clarity, strengthen governance, and make informed decisions when responsibility is on the line.”
The company brings existing government credibility to the Gulf market. Founded in 2001, EC-Council created the Certified Ethical Hacker (CEH) credential and holds ISO/IEC 17024 accreditation. It has certified over 350,000 professionals globally, with clients spanning the US Department of Defense, Army, Navy, Air Force, and Fortune 100 companies. Its certifications already meet DoD 8140 baseline requirements, positioning it for government and critical infrastructure contracts as AI security takes on national importance across the region.
What remains unclear is how quickly Saudi organisations will adopt role-specific AI security certifications versus pursuing broader cybersecurity credentials. The Kingdom’s ambitious timeline—six million students starting AI education within months, 20,000 specialists needed within four years—creates urgency. Whether the market absorbs four distinct AI security roles or consolidates around fewer specialisations will shape demand through 2030.
For now, the numbers tell the immediate story. Nearly 780,000 Saudis have completed some level of AI training. The gap between that figure and the 20,000 specialist target reveals the challenge: turning broad awareness into deep, operational expertise that can secure systems under real-world conditions.
By the time those six million students complete their first year of AI curriculum, the Gulf’s production AI environments will have expanded further. The question facing EC-Council and its competitors is whether certification frameworks can keep pace with the speed at which organisations are embedding intelligence into critical systems—and the speed at which adversaries are learning to exploit them.