Skip to content Skip to Search
Skip navigation

The Gulf must pair its digitalisation goals with cybersecurity

Governments and businesses need to do more to protect their digital assets

Binary code displayed on a laptop screen cybersecurity Jakub Porzycki via Reuters Connect
Implementing cybersecurity solutions is no longer an option for Gulf states, but a critical component for success

The Gulf states have been a victim of numerous cyberattacks over the past five years, including ransomware attacks and undetected advanced persistent threats to computer networks.

Critical sectors such as oil and gas, manufacturing, government information systems, construction and healthcare have all been targeted.

In August 2021, for example, the AvosLocker ransomware group attacked Dubai’s NHS Moorfields Hospital. The group claimed to have stolen 60gb of patient and proprietary data, including identity cards, passports, insurance forms and travel documents.

A month earlier than that Saudi Aramco had confirmed a cyberattack where the attacker stole company files and demanded a $50 million ransom.

According to aeCERT, the UAE’s computer emergency response team, there were 123,181 cyberattacks in the country in December 2020. Malware accounted for 62 percent of attacks, exploits (in which code or a program maliciously take advantage of IT vulnerabilities) for 31 percent, and phishing for 7 percent.

The Saudi government has also reported an alarming increase in cyberattacks during the Hajj season – more than two million in one month alone in 2022, according to the deputy minister of Hajj and Umrah.

In the years to come, as the GCC states accelerate their digital transformation initiatives, it is imperative that governments and businesses protect their digital assets.

This is no longer an option, but a critical component for success. Emerging technologies such as artificial intelligence, digital infrastructure, renewable energy and smart cities create opportunities but also represent targets.

To that end, Saudi Arabia, the UAE and Bahrain have respectively established the National Cybersecurity Authority, National E-Security Authority and National Cyber Security Center to oversee cybersecurity efforts. 

Additionally, the countries have established computer emergency response teams and introduced personal data protection laws (PDPL) to protect their citizens’ privacy and govern the flow of data internally and across borders.

These laws can impose heavy penalties for non-compliance under Saudi Arabia’s PDPL, malefactors can face fines of up to SAR 10 million ($2.6 million) and imprisonment. 

Such efforts do not come cheap. At Frost & Sullivan, we estimate spending in the Middle East cybersecurity sector will grow from $7.4 billion in 2022 to $31 billion by 2030.

Saudi Arabia is the largest market in the region with over 60 percent market share, followed by UAE. Both the countries stand at the forefront, spearheading the charge in terms of their cybersecurity regulation, technological advancement, workforce development and strengthened cyber strategies. 

These efforts have paid off. In the International Telecommunications Union Global Cybersecurity Index 2020 rankings, Saudi Arabia ranked second and UAE fifth out of 194 countries worldwide.

However in the GCC private sector companies are increasingly concerned about business disruption and reputational damage due to the ongoing threat of cyberattacks.

They are collaborating closely with equipment manufacturers, security services providers, system integrators and consulting companies to enhance their cybersecurity and mitigate cyber risks. 

There is still a long way to go to establishing a safe and secure environment for existing and future digitalisation initiatives and to ensure complete resilience.

It requires a comprehensive national cybersecurity programme that builds national capabilities, defines a national talent strategy and establishes close ties between the government and the cybersecurity sector. Cybersecurity funding must be prioritised and resources allocated.

Collaboration between the GCC states and also the private sector is also crucial. The authorities must share threat intelligence data, conduct joint cybersecurity drills and simulations and standardise protocols.

Parminder Kaur is director of security practice at consulting firm Frost & Sullivan

Latest articles

People, Person, Adult

Dubai unveils master plan for pedestrian-friendly city

Dubai has ambitions to transform into a pedestrian-friendly city, including a 6,500 km network of walkways across 160 areas of the emirate. The Dubai Walk master plan, unveiled by Dubai Ruler Sheikh Mohammed bin Rashid Al Maktoum, will feature uninterrupted pathways and expanded green spaces. The plan includes constructing 3,300 km of new walkways and […]

Saudi date drink cola Milaf

‘World first’ date soft drink launched by PIF subsidiary

A soft drink made from dates has been launched by Al Madinah Heritage Company, a subsidiary of Saudi Arabia’s Public Investment Fund. Milaf Cola, which is claimed to be the world’s first commercial soft drink made from dates, uses only premium fruit and contains no added sugar.  Dates have historically been used in Middle Eastern beverages […]

Houses in Royal Crescent, Holland Park. The area is one of London's most expensive neighbourhoods

Abu Dhabi royal family buys £61.5m London mansion

Abu Dhabi’s Al Nahyan royal family has purchased a mansion in Holland Park, one of London’s exclusive neighbourhoods.  The family paid £61.5 million ($78.1 million) for the property, which includes a swimming pool and cinema room, Bloomberg reported, citing people familiar with the matter. The deal was completed in October before the UK government introduced […]

The five-year pact between PIF and Bpifrance Assurance Export will focus on projects supporting Vision 2030

PIF secures $10bn from French export credit agency

Saudi Arabia’s Public Investment Fund has signed an agreement with Bpifrance Assurance Export, a French export credit agency, to seek funding for up to $10 billion. The five-year pact will focus on projects supporting Vision 2030 and is aligned with the fund’s strategy to grow build long-term global partnerships. The agreement will unlock new opportunities for French […]