An increased number of cyber-attacks on the systems of Saudi Arabia has led to the outsourcing of cybersecurity staff. Organizations in the country have been frequently attacked by cybercriminals, creating a need to intensify online security measures. The geopolitical location of the nation makes it vulnerable to attacks aimed at its fundamental industries, such as oil, gas and energy.
Why target industries in Saudi Arabia
Saudi Arabia is the world’s second-largest oil producer after the United States. Disrupting the industries dealing with oil would help the motive of cyber-attackers to create chaos and financial losses. Saudi Arabia started the National Cyber Security Authority (NCA) to curb such incidents in 2017. The NCA looks after the cybersecurity-related matters of essential services, critical infrastructure, etc. Due to the threat associated with social networking platforms, the government also monitors social media crimes.
The chief technology officer at cyber security firm Help AG, Nicolai Solling, told Computer Weekly, “One of the unique challenges for Saudi Arabia is that a great number of national organisations are huge in size compared to other countries in the region, with a workforce of hundreds of thousands of people. This sometimes makes it hard to be agile.” Outsourcing from other countries can bolster security measures and create the pathway for increased threat prevention.
There is a growing number of ransomware attacks globally and the evolution of the tactics employed by cybercriminals. To combat threats like file encryption and data theft, it is necessary to upgrade security measures utilized by other equipped countries. Moreover, spying on organizations has also caused enormous issues as it targets organizations that indirectly hinder other related targets.
In July 2022, the NCA signed a Memorandum of Understanding (MoU) for cybersecurity cooperation with the United States Department of Homeland Security (DHS).
Another program, CyberIC, launched by the NCA on August 8 this year, aims to develop the cybersecurity sector in Saudi Arabia. The CyberIC was started to create more awareness, train employees in cybersecurity, build tools and solutions to combat cyber-attacks, etc. Over 60 start-ups have been created to boost the cybersecurity sector. About 10,000 employees will be trained in this project to enable better protection, defences and workforce.
The move toward outsourcing also aligns with the reform-based blueprint created by the Vision 2030 framework. It aims to develop the public service sector and diversify the kingdom’s economy. This project envisioned the development of several sectors, including a composite aerostructure factory, King Salman energy park, low power research reactor, soudah development, sakaka solar power plant, and others.
Such enormous progress plants and projects rely on evolving and increased intelligence and cybersecurity support. These projects also become vulnerable to ransomware attacks, DDoS attacks and multiple social engineering attacks. Hitting the critical sector of the nation in this capacity can make it difficult to focus on development projects and cause workflow disruption, among other problems.