The Global Cybersecurity Forum Institute, established in Riyadh after a royal decree issued by King Salman in June, is a response to the rapid development and evolution of cyberspace, as well as its potential to benefit and transform society.
What is cybersecurity? In simple terms, it is the practice of defending computers, mobile devices, electronic systems, networks, servers and data from malicious attacks.
In recent years, the Kingdom, the largest information and communication hub in the Middle East, has faced increasing numbers of cyberattacks, especially due to the rise in digital devices such as smartphones, tablets and computers.
Saudi Arabia was the target of 7 million cyberattacks in the first two months of 2021.
“When there’s political tension in the region, cyberattacks immediately rise,” Saudi cybersecurity expert Abdullah Al-Gumaijan told Arab News. “Also, the utilization of cyberweapons increased due to attackers now realizing the value of such attacks as they continue to prove their power and damage. Therefore, the trends toward investments in cyberattacks are growing.”
The development of cybersecurity institutes marks not only the Kingdom’s commitment both domestically and internationally to curbing the frequency of such attacks, but also to the importance of cybersecurity as a societal good.
“The GCF Institute is a global platform that seeks to strengthen society’s resilience through shared priorities, purposeful dialogue, and impactful initiatives,” a spokesperson at the institute told Arab News.
“It will serve as a space where the world’s relevant stakeholders collaborate and act to benefit all societies and nations. By harnessing intellectual power and spearheading multilateral collaboration, the institute aims to contribute to a more stable and secure cyberspace for all.”
The institute aims to tackle the most challenging cybersecurity issues facing governments, businesses and individuals. It intends to serve as “a catalyst for the exchange of ideas, driving thought leadership and developing research to inform policy solutions and action,” according to its opening statement.
The institute also plans to facilitate international projects, cross-cultural and global pollination of ideas on new and existing key initiatives regarding cyberspace.
According to the statement: “It will serve as a platform to advance stability, security, and prosperity of cyberspace by catalyzing socioeconomic change, pushing knowledge boundaries, and uniting global champions. Its objective is to pioneer global initiatives that will maximize the benefits of cyberspace and build resilience through dialogue, investment, research and innovation.”
Experts say the initiative shows that the Kingdom is determined to become a world leader in cybersecurity. The country is currently ranked second worldwide in the cybersecurity index within the World Competitiveness Yearbook for 2022 published by the Switzerland-based International Institute for Management Development, which is considered one of the most comprehensive reports in the world.
The National Cybersecurity Authority and bodies such as the Saudi Federation for Cybersecurity, Programming and Drones, and the Ministry of Communications and Information Technology, have been instrumental in the Kingdom’s rise in the field of cybersecurity, advancing laws, controls and talent development.
Moataz BinAli, regional vice president and managing director at Trend Micro in the Mediterranean, Middle East, Central Asia and Africa regions, told Arab News: “Saudi Arabia’s leadership in global cybersecurity stems from a holistic strategy, balancing regulation, talent cultivation, technological innovation, and international collaboration. The decree by King Salman to establish the Global Cybersecurity Forum Institute underlines this commitment, aiming to elevate cybersecurity measures on a global scale.”
Trend Micro is the first global cybersecurity giant to launch its Middle Eastern headquarters and local cloud data lake in Saudi Arabia. It is a global leader in cybersecurity solutions, and aims to make it safe for businesses and consumers to exchange digital information.
“The institute is designed to complement these efforts, fostering international cooperation and socioeconomic growth in cybersecurity,” BinAli added. “With an international board of trustees and an advisory council of global experts, the institute will facilitate knowledge exchange and collaborative opportunities.”
He explained that according to the Trend Micro Annual Cybersecurity Report for 2022, a total of 110 million threats were detected and blocked in the Kingdom by its cybersecurity solutions.
Saudi Arabia is leading the cybersecurity field in the Arab world. While the country has been a prime target for cyberattacks, BinAli said it has “converted adversity into strength, emerging as the Middle East’s largest cybersecurity market.”
He said that the Kingdom’s proactive approach to cybersecurity reflects an appreciation “of its global relevance and a vision that goes beyond national borders, making significant contributions to the international cybersecurity ecosystem.”
Several initiatives have been implemented to bolster cybersecurity awareness among the country’s populace and its businesses in the past few years, ranging from cybersecurity awareness drives and training initiatives to contests designed to stimulate student interest in cybersecurity.
This year, the Saudi government ramped up its adherence to cybersecurity regulations, and also witnessed a rise in the emergence of cybersecurity startups and an increase in cybersecurity job opportunities.
BinAli also highlighted how the social transformations under Vision 2030 have contributed to advancements in cybersecurity in the country.
The concerted effort to enhance female workforce involvement has resulted in a surge of Saudi women in technical and leadership positions in cybersecurity. This advancement is evident as women now account for 45 percent of the country’s cybersecurity workforce, according to the Saudi Federation for Cybersecurity, Programming and Drones.
The National Cybersecurity Authority’s comprehensive 2023 National Plan for Cyber Assessments says that it is set to carry out extensive cybersecurity evaluations for national entities, with a concentration on compliance audits and technical cyber reviews of crucial systems. The plan aims to proactively identify and manage cyber risks at a national level, while ensuring compliance with the standards and controls established by the authority.
Also pivotal is the Haseen Initiative launched by the authority in 2022. It embodies a holistic approach to cybersecurity, and aims to foster collective security by facilitating information sharing on cyber threats and incidents among national entities.
The platform also aids compliance management, aligning entities with regulations such as the National Cybersecurity Framework and General Data Protection Regulation. It curbs phishing and email frauds through its robust email authentication service, thereby bolstering national resilience against cyber threats.
Other measures taken by the Saudi government include integrated cybersecurity governance; effective management of cyber risks; the protection of cyberspace and strengthening the security of critical infrastructure and information systems; strengthening national capabilities in defense against cyber threats; strengthening partnerships for collaborative security; and building national capacity to strengthen the cybersecurity ecosystem in the Kingdom.
Key initiatives launched include the establishment of the National Cybersecurity Center to raise awareness of cybersecurity efforts; the passing of the Cybersecurity Law to provide a legal framework for cybersecurity; the development of a National Cybersecurity Awareness Program to educate citizens and residents; and establishment of the National Academy of Cybersecurity to train and upskill the Kingdom’s cybersecurity workforce.
Ultimately, as such initiatives underline and BinAli emphasizes, robust cybersecurity enhances quality of life, as well as economic and digital innovation.
“Cybersecurity plays an integral role in enhancing the quality of life, particularly in our digital-first world,” said BinAli. “It safeguards our online existence and the digital services we’ve come to rely on daily — from online banking, e-commerce, healthcare and education to social networking and more.
“It protects our personal information and privacy online, providing the security required to enjoy the benefits of the digital world without fear of identity theft, fraud, or privacy breaches.”
Cybersecurity is key to ensuring that essential services function seamlessly. Critical infrastructures such as power grids, transportation, health care systems, and financial services are increasingly reliant on digital networks. Robust cybersecurity measures prevent disruptions caused by cyberattacks, maintaining the reliability and availability of these vital services.
“Lastly, cybersecurity promotes economic growth and innovation. By providing a secure platform for digital activities, it fosters trust in digital commerce, encourages the development of new technologies, and facilitates the digital transformation of industries,” he added.