Skip to content Skip to Search
Skip navigation

The Gulf must pair its digitalisation goals with cybersecurity

Governments and businesses need to do more to protect their digital assets

Binary code displayed on a laptop screen cybersecurity Jakub Porzycki via Reuters Connect
Implementing cybersecurity solutions is no longer an option for Gulf states, but a critical component for success

The Gulf states have been a victim of numerous cyberattacks over the past five years, including ransomware attacks and undetected advanced persistent threats to computer networks.

Critical sectors such as oil and gas, manufacturing, government information systems, construction and healthcare have all been targeted.

In August 2021, for example, the AvosLocker ransomware group attacked Dubai’s NHS Moorfields Hospital. The group claimed to have stolen 60gb of patient and proprietary data, including identity cards, passports, insurance forms and travel documents.

A month earlier than that Saudi Aramco had confirmed a cyberattack where the attacker stole company files and demanded a $50 million ransom.

According to aeCERT, the UAE’s computer emergency response team, there were 123,181 cyberattacks in the country in December 2020. Malware accounted for 62 percent of attacks, exploits (in which code or a program maliciously take advantage of IT vulnerabilities) for 31 percent, and phishing for 7 percent.

The Saudi government has also reported an alarming increase in cyberattacks during the Hajj season – more than two million in one month alone in 2022, according to the deputy minister of Hajj and Umrah.

In the years to come, as the GCC states accelerate their digital transformation initiatives, it is imperative that governments and businesses protect their digital assets.

This is no longer an option, but a critical component for success. Emerging technologies such as artificial intelligence, digital infrastructure, renewable energy and smart cities create opportunities but also represent targets.

To that end, Saudi Arabia, the UAE and Bahrain have respectively established the National Cybersecurity Authority, National E-Security Authority and National Cyber Security Center to oversee cybersecurity efforts. 

Additionally, the countries have established computer emergency response teams and introduced personal data protection laws (PDPL) to protect their citizens’ privacy and govern the flow of data internally and across borders.

These laws can impose heavy penalties for non-compliance under Saudi Arabia’s PDPL, malefactors can face fines of up to SAR 10 million ($2.6 million) and imprisonment. 

Such efforts do not come cheap. At Frost & Sullivan, we estimate spending in the Middle East cybersecurity sector will grow from $7.4 billion in 2022 to $31 billion by 2030.

Saudi Arabia is the largest market in the region with over 60 percent market share, followed by UAE. Both the countries stand at the forefront, spearheading the charge in terms of their cybersecurity regulation, technological advancement, workforce development and strengthened cyber strategies. 

These efforts have paid off. In the International Telecommunications Union Global Cybersecurity Index 2020 rankings, Saudi Arabia ranked second and UAE fifth out of 194 countries worldwide.

However in the GCC private sector companies are increasingly concerned about business disruption and reputational damage due to the ongoing threat of cyberattacks.

They are collaborating closely with equipment manufacturers, security services providers, system integrators and consulting companies to enhance their cybersecurity and mitigate cyber risks. 

There is still a long way to go to establishing a safe and secure environment for existing and future digitalisation initiatives and to ensure complete resilience.

It requires a comprehensive national cybersecurity programme that builds national capabilities, defines a national talent strategy and establishes close ties between the government and the cybersecurity sector. Cybersecurity funding must be prioritised and resources allocated.

Collaboration between the GCC states and also the private sector is also crucial. The authorities must share threat intelligence data, conduct joint cybersecurity drills and simulations and standardise protocols.

Parminder Kaur is director of security practice at consulting firm Frost & Sullivan

Latest articles

Properties overlooking the bay in Muscat. Property prices in the capital fell more than 5 percent

Oman’s real estate sector continues to slide

Apartment prices in Oman dropped more than 17 percent in the first quarter of 2024, while villa prices rose a meagre 0.8 percent, according to the latest government figures. Residential real estate prices were down across the board quarter on quarter, including those for land. The Musandam region recorded the largest overall decline at 15.7 […]

Shoppers choose vegetables in Istanbul; inflation means people are spending on essentials

Turkish retailers’ confidence wavers as inflation bites

Confidence is falling among Turkish retailers, according to a survey from the country’s statistics agency Turkstat. Shoppers have been scaling back on big-ticket purchases, spending instead on basic consumer goods as inflation piles pressure on household incomes. May’s business confidence report, released by Turkstat on June 24, showed sentiment in the retail sector at its […]

Water is handed out to pilgrims in Mecca. Hundreds of pilgrims without a Hajj permit died during extreme heat last week

Egypt shuts down 16 travel companies after Hajj tragedy

Egypt has withdrawn the operating licences of 16 travel companies for organising unlicensed Hajj trips to Saudi Arabia. A statement from the Egyptian government said the companies would be prosecuted and fined, with the funds used to compensate pilgrims’ families for their loss.  Hundreds of Egyptians were among 1,301 people who died of exposure to […]

A floating production unit in Israel's Karish gas field in the eastern Mediterranean. Carlyle is creating a new oil and gas company to manage the field

New Carlyle entity to manage East Med gas projects

Carlyle, the Nasdaq-listed private equity company, is creating a new oil and gas company to manage recently-acquired assets in the Mediterranean hydrocarbons market. The new as yet un-named entity will be led by former BP CEO Tony Hayward and will manage a portfolio of gas-weighted exploration and production assets in Italy, Egypt and Croatia, according […]