Saudi Arabia’s Commitment to Strengthening Cybersecurity Measures:
As technology develops at an unprecedented pace, the importance of digital security in today’s interconnected world is evident. From 2016 to 2018, KSA was the sixth most affected by cyberattacks worldwide. IBM found that the average data breach cost in KSA and the UAE was SAR22.4 million ($5.97 million) in 2019. This was the second-highest cost in the world.
Digital transformation is vital to KSA’s Vision 2030 initiative. Since the economy is putting more emphasis on technology, digital activity needs to be regulated more. This article explores some of the measures adopted by the Kingdom to curb cybercrime.
Saudi Arabia’s Strategic Approach To Handling Cybersecurity
As a first step to deal with attacks, the KSA passed the Cybercrime Law (Royal Decree No. M/17) in 2007. The Cybercrime Law applies to every individual and entity in the KSA, including businesses and government agencies. Cybercrime Law aims to improve the security of information and protect people’s rights while considering society’s well-being, ethics, and values.
With the help of the Communications and Information Technology Commission (CITC), the Office of the Public Prosecutor works to look into cybercrimes and impose imprisonment or fines for such crimes. Depending on the crime, cybercrime can lead to different punishments, including up to ten years in jail and a fine of SAR 5 million (about €1,335,330).
In 2017, the National Cybersecurity Authority (NCA) was set up to enhance and regulate digital security in KSA. This took place as a component of the National Cyber Security Strategy. The NCA’s mission is to create digital security measures and skills and provide financial support within its industry worldwide.
The Strategy aims to ensure a secure cyberspace in the KSA. They hope to achieve this through coordinated national efforts led by the NCA to combat cyber risks. The Strategy outlines 18 important parts of cybersecurity, grouped into six main themes. Among these are the following:
It includes making and reviewing rules, policies, and guidelines for maintaining digital security. Its purpose is to ensure effective governance and management of both government and private entities.
It involves encouraging organizations to follow National Standards and Controls (ECC and CSCC) to implement risk management processes.
It involves increasing awareness, improving digital identities at the national level, encouraging the use of data encryption, and keeping important internet resources safe.
It involves making rules that help make a defense system and a backup plan in case of a cybersecurity threat.
It involves making partnerships and sharing information about digital security policies, cyber threats, ways to avoid them, and quick reaction techniques used during a cyber incident.
This involves three components;
- Supporting research on digital security to encourage innovation and teamwork.
- Setting up specialized education and training units for digital security to build the country’s ability.
- Taking steps to protect systems and making ways to test and evaluate them.
KSA’s determination to improve digital security is clear from its efforts and unwavering dedication. The Kingdom’s proactive approach to fighting cyber threats is evident in its National Cybersecurity Strategy, which emphasizes strong digital security infrastructure, the protection of vital infrastructure, awareness and education, and active participation in international collaborations.