Skip to content Skip to Search
Skip navigation

The Gulf must pair its digitalisation goals with cybersecurity

Governments and businesses need to do more to protect their digital assets

Binary code displayed on a laptop screen cybersecurity Jakub Porzycki via Reuters Connect
Implementing cybersecurity solutions is no longer an option for Gulf states, but a critical component for success

The Gulf states have been a victim of numerous cyberattacks over the past five years, including ransomware attacks and undetected advanced persistent threats to computer networks.

Critical sectors such as oil and gas, manufacturing, government information systems, construction and healthcare have all been targeted.

In August 2021, for example, the AvosLocker ransomware group attacked Dubai’s NHS Moorfields Hospital. The group claimed to have stolen 60gb of patient and proprietary data, including identity cards, passports, insurance forms and travel documents.

A month earlier than that Saudi Aramco had confirmed a cyberattack where the attacker stole company files and demanded a $50 million ransom.

According to aeCERT, the UAE’s computer emergency response team, there were 123,181 cyberattacks in the country in December 2020. Malware accounted for 62 percent of attacks, exploits (in which code or a program maliciously take advantage of IT vulnerabilities) for 31 percent, and phishing for 7 percent.

The Saudi government has also reported an alarming increase in cyberattacks during the Hajj season – more than two million in one month alone in 2022, according to the deputy minister of Hajj and Umrah.

In the years to come, as the GCC states accelerate their digital transformation initiatives, it is imperative that governments and businesses protect their digital assets.

This is no longer an option, but a critical component for success. Emerging technologies such as artificial intelligence, digital infrastructure, renewable energy and smart cities create opportunities but also represent targets.

To that end, Saudi Arabia, the UAE and Bahrain have respectively established the National Cybersecurity Authority, National E-Security Authority and National Cyber Security Center to oversee cybersecurity efforts. 

Additionally, the countries have established computer emergency response teams and introduced personal data protection laws (PDPL) to protect their citizens’ privacy and govern the flow of data internally and across borders.

These laws can impose heavy penalties for non-compliance under Saudi Arabia’s PDPL, malefactors can face fines of up to SAR 10 million ($2.6 million) and imprisonment. 

Such efforts do not come cheap. At Frost & Sullivan, we estimate spending in the Middle East cybersecurity sector will grow from $7.4 billion in 2022 to $31 billion by 2030.

Saudi Arabia is the largest market in the region with over 60 percent market share, followed by UAE. Both the countries stand at the forefront, spearheading the charge in terms of their cybersecurity regulation, technological advancement, workforce development and strengthened cyber strategies. 

These efforts have paid off. In the International Telecommunications Union Global Cybersecurity Index 2020 rankings, Saudi Arabia ranked second and UAE fifth out of 194 countries worldwide.

However in the GCC private sector companies are increasingly concerned about business disruption and reputational damage due to the ongoing threat of cyberattacks.

They are collaborating closely with equipment manufacturers, security services providers, system integrators and consulting companies to enhance their cybersecurity and mitigate cyber risks. 

There is still a long way to go to establishing a safe and secure environment for existing and future digitalisation initiatives and to ensure complete resilience.

It requires a comprehensive national cybersecurity programme that builds national capabilities, defines a national talent strategy and establishes close ties between the government and the cybersecurity sector. Cybersecurity funding must be prioritised and resources allocated.

Collaboration between the GCC states and also the private sector is also crucial. The authorities must share threat intelligence data, conduct joint cybersecurity drills and simulations and standardise protocols.

Parminder Kaur is director of security practice at consulting firm Frost & Sullivan

Latest articles

Aramco and Rongsheng have signed an agreement to potentially expand the facilities at Saudi Aramco Jubail Refinery Company (Sasref)

Aramco and Rongsheng move on chem plant expansion

Saudi Aramco is accelerating plans to expand the liquids-to-chemicals project in Jubail in collaboration with China’s Rongsheng Petrochemical Company. The companies have signed a development framework agreement to potentially expand Saudi Aramco Jubail Refinery Company (Sasref) facilities and increase investments in the petrochemical sectors of both nations. This follows a cooperation framework signed in April, where Rongsheng proposed […]

The Aramco-Bapco pipeline can transport up to 350,00 barrels per day of crude oil

BlackRock buys stake in Saudi-Bahraini oil pipeline

Bahrain’s state-run Bapco Energies has sold a minority stake in an oil pipeline linking Saudi Arabia and Bahrain to a fund managed by US investment bank BlackRock. The BlackRock Diversified Infrastructure fund purchased a stake in the Saudi Bahrain Pipeline Co (SBPC), which owns a section of the 112-km pipeline. It supplies crude oil from […]

Etihad Airways reported a 48% year-on-year rise in net profit to $232m in the first half of 2024

Etihad Airways potential IPO unlikely this year

The possible initial public offering (IPO) of Etihad Airways is unlikely to happen this year, a media report has said. Regional geopolitical instability and a plan to show investors a strong financial performance in 2024 are key factors delaying the IPO launch, Reuters reported, citing informed sources. An Etihad spokesperson said it does not comment […]

ESG index Emirates NBD

ESG-focused companies ‘give better shareholder returns’

Middle East listed companies that score highly on environmental, social and governance criteria provide a bigger total return for shareholders than their less ESG-conscious rivals, a corporate governance body has found. The Hawkamah Middle East and North Africa ESG Index includes the top 50 companies by ESG score from the 150 blue-chip stocks that constitute […]