A very different kind of alchemy takes place in the industrial quarter of Yanbu, where the hum of petrochemical transformation is carried by desert winds. Every year, 400,000 metric tons of polypropylene are produced here by reactors that are molecularly precise. Beneath this tangible achievement, however, lies an unseen architecture—networks teeming with information, algorithms managing unstable processes, and control systems where even a single microsecond of delay could spell disaster. Greetings from the domain where Mohammed Sibgathullah Khan coordinates one of the Kingdom’s most important digital defences.
At NATPET, Mohammed Sibgathullah Khan is the Director of Information Technology and guards more than just the networks. He builds resilience in a world where cybersecurity meets chemical engineering, IT systems talk to operational technology, and one weak link can cascade from corrupted data to compromised safety systems. His mission goes well beyond security. He engineers the digital backbone for Saudi Arabia’s Vision 2030 and proves that the industrial future of the Kingdom depends not on firewalls alone but on leaders who fuse technical mastery with strategic foresight and an unwavering commitment to developing the next generation of cyber defenders.
The Strategic Architect
As Director of Information Technology, Mohammed Sibgathullah Khan operates at the intersection of industrial might and digital vulnerability. Two decades of experience have taught him a fundamental truth: in petrochemical operations, cybersecurity decisions ripple far beyond data protection. They determine whether production continues uninterrupted, whether safety systems respond when needed, and whether environmental safeguards hold firm under pressure.
He approaches security as a business enabler rather than a technical constraint. His philosophy centers on embedding protection into every operational layer, from AI-driven threat detection to zero-trust frameworks that span NATPET’s complex IT and OT infrastructure. This isn’t defensive thinking; it’s strategic offence, positioning security as the foundation for innovation and growth.
What distinguishes Mohammed’s leadership is his ability to translate technical complexity into business clarity. When stakeholders debate investment priorities, he articulates security not in technical jargon but in terms of operational continuity, regulatory compliance, and competitive advantage. This communication bridge transforms cybersecurity from an IT concern into an enterprise imperative.
Pioneering Cloud Migration in High-Stakes Environments
Leading NATPET’s SAP S/4 HANA migration from on-premises to cloud infrastructure tested every dimension of Mohammed’s strategic vision. Petrochemical operations tolerate no downtime, yet transformation demands disruption. His solution: security-by-design from inception.
He established a dedicated steering committee where security, compliance, and business continuity leaders aligned on risk tolerance before a single system migrated. Pre-migration vulnerability assessments became mandatory. Encryption protocols and zero-trust access controls governed every integration point. Continuous coordination with SAP and cloud providers ensured security patches were validated seamlessly while maintaining audit readiness.
The migration succeeded not merely as a technical achievement but as a cultural shift. Mohammed Sibgathullah Khan fostered accountability across teams, proving that digital transformation and security excellence advance together when leadership refuses to compromise either. The result: modernized systems strengthening rather than straining operational resilience.
Bridging the IT-OT Divide
NATPET’s mission-critical environment demands what few organizations achieve: genuine integration of information technology and operational technology without compromising safety or uptime. Mohammed’s unified governance framework aligns cybersecurity, process control, and safety standards under singular risk management.
His initiatives include AI-driven anomaly detection combines with rigorous change management, creating visibility across both IT and OT networks while respecting the unique requirements of each.
This integration ensures secure, stable operations that maintain the highest safety standards. Where traditional organizations struggle with silos between IT security teams and operational engineers, Mohammed Sibgathullah Khan builds bridges, creating unified defence that protects digital assets and physical infrastructure simultaneously.
AI Deployment with Purpose and Precision
When implementing AI-based threat detection and anomaly monitoring, Mohammed Sibgathullah Khandemands transparency, explainability, and reliability as non-negotiable standards. Model transparency comes first, understanding how AI interprets data and identifies anomalies. Black-box systems pose operational risks he won’t accept.
Explainability follows naturally. AI must provide clear reasoning behind alerts, enabling analysts to distinguish genuine threats from routine network behaviour. This reduces alert fatigue while strengthening decision-making. Continuous model tuning using real network behaviour minimises false positives and sharpens detection precision.
Compliance with data privacy and regulatory frameworks remains essential. Mohammed Sibgathullah Khanbelieves AI should augment human intelligence, not replace it, empowering teams with actionable insights that enhance trust, speed, and resilience. This philosophy ensures advanced technologies multiply security capabilities rather than introducing new uncertainties.
Cultivating Security as Shared Ownership
Technology alone cannot safeguard mission-critical operations. People form the first defence line. Mohammed Sibgathullah Khan transforms cybersecurity from a technical obligation into an organizational mindset through role-based training for operations, maintenance, and production teams- staff who rarely think about cyber risks yet encounter them daily.
Interactive learning programs include phishing simulations, scenario-based workshops, and multilingual materials reaching diverse literacy levels. These initiatives create a genuine understanding of how security lapses cascade into operational incidents. Operators grasp how minor oversights trigger major consequences. Maintenance teams recognize security implications when connecting diagnostic tools to industrial networks.
This cultural transformation builds a workforce that remains vigilant and empowered. Security becomes everyone’s responsibility rather than IT’s burden. The result: organizational resilience rooted in awareness, ownership, and shared commitment to protecting critical operations.
Preparing for Crisis with Confidence
Mohammed Sibgathullah Khan operates under a well-defined incident response framework combining technical precision with operational discipline. While NATPET has avoided major crises, preparedness ensures an effective response if incidents occur. He emphasizes facts over assumptions, data-driven decisions over speculation, and clear communication over panic.
His crisis leadership empowers people to act confidently under pressure, safeguarding digital integrity and physical safety simultaneously. For him, these are the twin pillars of industrial cybersecurity. Following any security event, focus shifts immediately to learning. Transparent post-incident reviews strengthen resilience and prevent recurrence.
Regular tabletop exercises simulate threat scenarios, building muscle memory for coordinated response. Clear protocols keep stakeholders informed without creating alarm. Mohammed’s approach balances urgency with measured analysis, enabling rapid response without rash decisions.
Mentoring Tomorrow’s Cyber Leaders
Developing local cybersecurity talent represents Mohammed’s most fulfilling responsibility. He builds a generation of professionals understanding both industrial operations and digital risk- a rare combination essential in petrochemical environments. Young Saudi professionals shadow senior engineers across OT, IT, and cybersecurity projects, gaining firsthand exposure to ICS threat modelling, network segmentation, and safety system protection.
Beyond technical skills, Mohammed Sibgathullah Khan emphasizes strategic thinking, ethics, and ownership. He teaches cybersecurity as a business enabler, not merely a control function. This mentorship aligns with Vision 2030’s goal of localizing digital capabilities and developing national resilience in critical infrastructure.
His guidance extends beyond technical training. “Understand business context. Engage cross-functional teams early. Communicate risks in terms decision-makers understand. Balance technical expertise with strategic insight. These lessons accelerate career growth while enabling effective organizational protection,” states Mohammed.
Measuring Excellence Beyond Compliance
Mohammed Sibgathullah Khan tracks Mean Time to Detect and Mean Time to Respond, metrics reflecting detection and response maturity. For IT environments, his team measures system resilience, network segmentation effectiveness, and patch compliance, ensuring safety never compromises for uptime or vice versa.
Internal cybersecurity assessments align with NCA and ISA/IEC 62443 frameworks, maintaining external audit readiness. Phishing simulation results, user awareness scores, and third-party risk ratings strengthen human and supply-chain defences. Yet Mohammed Sibgathullah Khan knows excellence extends beyond metrics. It encompasses continuous improvement, cultural ownership, and alignment with business resilience goals.
Quantitative measurements indicate progress. True security maturity shows in how organizations respond to emerging threats, adapt to changing landscapes, and integrate security thinking into every business decision.
Learning from Experience to Guide Others
Early in his career, Mohammed Sibgathullah Khan prioritized technical excellence over stakeholder communication. He underestimated the importance of translating technical risks into business impact, occasionally slowing decision-making. This taught him that cybersecurity leadership encompasses people, processes, and governance as much as technology.
Today, every initiative clearly communicates business value, risk implications, and operational impact. His advice to emerging leaders: don’t work in isolation. Understand broader business context. Engage cross-functional teams early. Communicate risks in decision-maker terms. This perspective transforms security from a necessary expense into a strategic advantage.
Anticipating Tomorrow’s Threats
Looking toward 2026-2030, Mohammed Sibgathullah Khan prepares NATPET for evolving threats- supply chain attacks, AI-driven malware, and quantum computing risks. His approach remains proactive and anticipatory, strengthening supply chain risk management, enhancing AI-powered threat detection, and exploring quantum-safe encryption to future-proof critical systems.
He fosters an adaptive culture emphasizing continuous learning, cross-functional collaboration, and scenario-based planning. Enhanced governance frameworks, formalized OT-IT integration, and specialized teams capable of real-time threat response position NATPET to maintain operational continuity, regulatory compliance, and strategic advantage amid uncertainty.
By embedding resilience, innovation, and agility into technology and human processes today, Mohammed Sibgathullah Khan ensures NATPET doesn’t merely mitigate risks; it thrives despite them, turning security into a competitive advantage.
Shaping Regional Excellence
As one of the Middle East’s most influential cybersecurity leaders in 2025, Mohammed Sibgathullah Khan steers NATPET’s security agenda by balancing business continuity, regulatory compliance, and enterprise risk management. Initiatives fusing innovation with resilience, from AI-driven threat detection and automated vulnerability management to zero-trust frameworks across IT and OT systems, are informed by more than 20 years of experience managing various entities.
Beyond technology, he mentors young Saudi talent, developing the next generation of cybersecurity professionals who lead with integrity, responsibility, and innovation. His influence extends beyond NATPET to shape practices across the Kingdom’s industrial sector through thought leadership, knowledge sharing, and industry collaboration.
Mohammed’s journey from technical administrator to strategic IT leader mirrors Saudi Arabia’s industrial transformation. His work illustrates how cybersecurity leadership in critical infrastructure demands technical expertise, business acumen, and commitment to developing people alongside systems. As the Kingdom advances toward Vision 2030, leaders like Mohammed Sibgathullah Khan ensure digital transformation proceeds on the foundations of security, resilience, and sustainable capability.
His legacy provides a roadmap for future leaders protecting the Kingdom’s critical infrastructure in an increasingly connected and contested digital landscape, demonstrating that true security excellence emerges when vision, capability, and courage converge at the frontiers where technology meets human ingenuity.
