DUBAI: Cybercrime attacks could double over the next two years and cost Saudi Arabia’s economy up to SR30 billion ($8 billion) by 2020, according to security experts who warn the Kingdom is the most targeted county in the GCC for online fraudsters.
While Saudi Arabia is stepping up the war against cybercrime, the Kingdom must invest in training its own security professionals, expand its pool of skilled workers and strengthen its cybersecurity regulation to become more resilient against emerging attacks.
“Based on our relationship with key Saudi clients, we see that cybercrime in Saudi is growing faster than in most of the countries in the world, with more than a 35 percent increase in the number of attacks during the past year,” said Simone Vernacchia, a partner in Digital, CyberSecurity, Resilience and Infrastructure for PWC Middle East.
“Based on our experience in the GCC, Saudi is being targeted more frequently, and the cost of cyberattacks is 6 to 8 percent higher than in the rest of the GCC countries. The Saudi economy provides a more appealing target for cyberattackers.”
Vernacchia said it can be difficult to measure the true direct and indirect cost on Saudi Arabia’s economy each year.
“This said, we would expect direct and indirect costs arising from cyberattacks to total $3 to $4 billion (SR11.25 billion to SR15 billion) for 2018,” said Vernacchia.
“Assuming the growth will not be affected by large-scale events, we expect the direct and indirect impact of cyberattacks to grow up to $6 to $8 billion (SR22.5 billion to SR30 billion) by 2020. Among the major external events that can affect this figure, uncertainties in the region can result in an even more aggressive surge of cyberattacks.”
Vernacchia said there was a lack of willpower in organizations to invest in security measures, and urged them to invest in the manpower and technology that will enable them to become more resilient in the face of growing attacks. While Saudi is “not completely unprepared,” most businesses in the Kingdom are investing in cybersecurity far less than the leading countries.
“We see the average investment in cybersecurity awareness and capability to be on average about 60 percent lower in Saudi Arabia than what is invested by organizations of the same size in leading countries.
“This is a result of limited regulatory requirements for private entities, as private companies are trading the immediate benefit of spending less on cybersecurity protection with the high cost of one — or more — potentially highly effective targeted cyberattacks.”
An increase in cybersecurity regulation could also strongly limit the growth of cyberattacks, Vernacchia said. “The limited amount of cybersecurity-related regulation is a key issue, as it’s having two key effects. On one hand, some businesses are underestimating their exposure, and thus not investing in cybersecurity as they should — de facto increasing their risk. Other businesses are waiting for regulation to be drafted before investing in cybersecurity, in fear that the organization, processes and solutions they would implement may not be in line with the regulatory requirements which are coming.”
Amir Kolahzadeh, CEO of cybersecurity firm ITSEC, said Saudi-based business are reluctant to invest in adequate cybersecurity measures as they fail to recognize the long-term value of the initial investment needed.
“The core issues that every business is looking at in cybersecurity is a line item expense instead of looking what the cost would be if there is a breach,” he said. “This is a worldwide epidemic at the moment. However, it is much more evident in the GCC due to lack of truly trained IT security professionals who can show the business acumen, foresight and the communication skills to demonstrate that potential losses are exponentially greater than the cost of securing the enterprise.”
David Michaux, of online security company Whispering Bell, said as Saudi Arabia forges ahead with its knowledge-based economy and becomes “more online,” the potential for attacks will grow.
With Saudi Arabia’s Vision 2030 of a “knowledge economy,” growth in the ICT will be fueled by digitization — including IT innovation, big data projects, smart city initiatives, and cloud-based services. In addition, Saudis are among the most active social media users in the world — and largest adopters of Twitter in the Arab region.
Mathivanan V., vice president of ManageEngine, said while Saudi Arabia has taken “significant steps” to achieve cyber-readiness, including the introduction of the National Authority of Cyber Security which aims to enhance the protection of networks, IT systems, and data through regulatory and operational tasks, he warned that sophisticated cyberthreats have evolved in the wake of digitization and urged companies to better employ sustainable IT practices and state-of-the-art cybersecurity tools.
“A trained security professional cannot win the battle against cybercrime with just a mere knowledge of IT security,” he said. “What he needs is the right weapon to master the art of cybersecurity.”
James Lyne, head of R&D at SANS Institute, which specializes in information security, said given Saudi Arabia’s visible agenda to lead the charge in smart cities, connected industry and to develop a knowledge economy, it is key that the Kingdom also has an equally ambitious cybersecurity skills strategy.
“A gap between the two will lead to substantial attacks and reputation damage for the region,” he said.
“Firstly, Saudi Arabia needs more cybersecurity practitioners overall — particularly with the ambitious development projects being undertaken as part of the Kingdom’s 2030 Vision. Secondly, existing cybersecurity practitioners also have to continue to sharpen their skills to increase the depth of their expertise.”
He urged companies not to ignore the fact that employee behavior is a weak link in cybersecurity and is becoming an increasing source of risk.
“Many of the breaches that occur still take advantage of basic cybersecurity failures and, as such, education has to be a huge part of the solution. Everyone in Saudi Arabia has a role to play in making sure that cybercriminals get fewer clicks on their nasty emails, documents and phishing links.”
He said it was difficult to truly grasp the overall financial figures associated with cybercrime.
“That said, even the tip of the iceberg that we do see is very substantial and it has already been demonstrated that Saudi Arabia is a major target. Given attackers have already had success compromising facilities, it is extremely likely other cybercriminals will follow.”
KSA must become more resilient against cyberattacks
KSA must become more resilient against cyberattacks
- Healthcare data is of particular interest to hackers because it can be used to blackmail people in positions of power
- A trained security professional cannot win the battle against cybercrime with just a mere knowledge of IT security
Reseda alba, an aromatic herb found across Saudi Arabia, plays vital role in fighting desertification
- Known by the common name white mignonette, it thrives in both sandy and clay soils
- The plant blooms in spring, attracting bees and pollinators to enhance ecological balance
ARAR: Reseda alba, a flowering aromatic herb, is found naturally in several regions of Saudi Arabia and is a key part of local vegetation in the Northern Borders.
Known by its common names of white mignonette or white upright mignonette, the plant has small, white, fragrant flowers and is also cultivated as an ornamental. It blooms in spring, attracting bees and other pollinators, enhancing the ecological balance and supporting biodiversity.
Thriving in both sandy and clay soils, the plant is well suited to the desert climate of the Northern Borders region. It also plays a vital role in combating desertification by stabilizing the soil.
A perennial plant that grows up to 1 meter high, reseda alba is also native to Europe, Asia and North Africa. It can be found in other parts of the world as an introduced species.
Nasser Al-Mujlad, chair of the Aman Environmental Association, said the expanding growth of reseda alba was a key element of the region’s natural botanical heritage.
The plant’s aesthetic appeal added significant value to the region’s tourism and environmental significance, he added.
Al-Mujlad pointed out that many plants previously at risk of extinction have made a comeback, thanks to the establishment of reserves and the implementation of new regulations and laws aimed at protecting the environment and conserving its natural resources.
How Saudi Arabia is protecting users’ privacy and data from harmful AI
- AI technologies often collect sensitive personal data, raising concerns over consent, surveillance, and potential misuse
- Saudi Arabia is leading AI regulation in the region with ethical principles and a personal data protection law
RIYADH: As artificial intelligence seeps deeper into everyday life — from smart assistants and facial recognition to online shopping and AI-generated selfies — so too do the threats to personal data and privacy.
The dazzling capabilities of AI come at a cost many users do not fully grasp: exposure to data collection, surveillance, and potential misuse. And in a world where convenience often trumps caution, experts are urging users and organizations alike to slow down and scrutinize the digital tools they engage with.
“AI systems often depend on vast amounts of data, including sensitive personal information, which raises significant privacy issues,” Osama El-Masry, who leads data protection and privacy practice delivery for the Middle East region at the IT consulting firm Cognizant, told Arab News.
“Many users are unaware of how their data is collected, stored, and utilized, leading to fears of unauthorized access or misuse. For example, technologies like facial recognition can infringe on individual privacy without consent, posing risks of surveillance and tracking.”
This warning comes amid growing concerns about how AI software processes user data — especially in apps and platforms that seem harmless at first glance.
While regulation and ethical oversight are often viewed as a government or corporate responsibility, El-Masry stresses that users must also play an active role.
“This means reading privacy policies and being aware of what personal information is collected and how it may be used or shared,” he said.
“A critical aspect of this responsibility is limiting the sharing of personal data when using AI tools. Users should strive to provide only the minimum necessary information required to achieve their desired outcomes, avoiding unnecessary disclosure of sensitive data.”
In short, treat AI tools like you would any new technology: with a mix of curiosity and caution. The onus is on users to learn how their data is handled and to be wary of oversharing. On the flip side, organizations must prioritize privacy from the very beginning of product design.
“This involves implementing strong data protection measures, ensuring transparency and explainability in data usage, and adhering to AI and privacy regulations/principles,” El-Masry said. “Organizations should also clearly communicate their data practices to users, fostering an environment of trust.
“Ultimately, a collaborative approach, where both parties understand their roles and responsibilities regarding privacy, is essential for protecting personal information in the age of AI.
“By working together, users and organizations can create a more secure digital landscape that respects privacy rights.”
Take the current obsession with AI art filters, for instance. Millions of users upload their photos to apps that transform them into anime characters or classic oil paintings. But what happens to those original images?
“Many users may not realize that while the effect is fun, their original images are still being processed and may be retained by the app,” said El-Masry.
“This underscores the importance of being mindful about which platforms and applications are trusted with personal images and data. By taking these steps, users can harness AI’s potential while safeguarding their personal information against misuse.”
It’s a simple but powerful reminder: Just because something looks like harmless fun, doesn’t mean it’s risk-free. Every interaction with AI — no matter how trivial it seems — carries data implications.
Users are also advised to challenge the information they receive from AI platforms. While many tools promise personalization and convenience, they can just as easily perpetuate bias or inaccuracies.
“Continuous education about AI ethics and privacy implications empowers users to make informed choices about their interactions with these technologies,” said El-Masry. “Users should also advocate for ethical data practices within their communities, promoting accountability among developers and organizations.
“It’s important to recognize that AI applications vary widely, with some being non-privacy-related, such as telecom network enhancements and medical diagnostics, and others being privacy-sensitive, like marketing profiling and predictive analysis.
“Users should be particularly cautious when interacting with AI technologies in privacy-sensitive fields, as these applications often involve the handling of personal data that can impact privacy rights.”
There are ways to navigate the AI landscape safely. One approach is to seek out AI tools that prioritize user privacy through transparent practices and robust protection measures.
“By taking these steps, users can harness AI’s potential while safeguarding their personal information against misuse,” said El-Masry.
The stakes are higher than many realize. As AI becomes more sophisticated and integrated into business, healthcare, finance, education, and government systems, the implications for misuse — whether accidental or malicious — become more severe.
El-Masry lists several privacy threats tied to AI applications, including “unintended biased decisions, unethical AI use cases, data leaks, decisions ambiguity, and the use of AI with vulnerable data subjects.
“This is becoming a global concern and the driver for the issuance of the different ethical AI regulations/principles by many policymakers across different regions and countries to mitigate the above risks associated with the use of AI.
While much of the world is still struggling to keep pace with innovation, Saudi Arabia has moved to regulate and promote the ethical use of data and AI.
“The Kingdom introduced the Personal Data Protection Law, which establishes clear guidelines for data collection, processing, and sharing, ensuring that individuals’ privacy rights are protected,” said El-Masry.
“This framework aligns with international standards, signaling a commitment to responsible data management.”
The country’s National Strategy for Data and Artificial Intelligence is another critical piece of its governance efforts. It aims to build a culture of innovation without compromising ethical boundaries.
“Notably, SDAIA has issued a set of ethical AI principles that emphasize fairness, accountability, transparency, and privacy,” said El-Masry. “These principles guide the development and deployment of AI technologies, ensuring they are used responsibly and ethically.”
Despite Saudi Arabia’s leadership, data privacy in the broader Middle East remains patchy. Many countries still lack comprehensive legal frameworks to protect users’ rights.
El-Masry believes that’s an area ripe for action. “Governments should establish comprehensive AI and data privacy laws and regulations that align with international standards, providing clear guidelines for data processing.”
DID YOU KNOW?
• Saudi Arabia has introduced the Personal Data Protection Law to safeguard user privacy and regulate data use responsibly.
• The Kingdom’s National Strategy for Data and AI promotes innovation while ensuring ethical, transparent, and accountable AI practices.
• SDAIA’s ethical AI principles emphasize fairness, privacy, and governance, guiding responsible development and deployment of AI technologies.
He also advocates for coordinated public-private collaboration to raise the bar for compliance and innovation across the region.
“Organizations must prioritize compliance and even go beyond compliance and acknowledge the value of investing in implementing data responsibility practices and technologies that ensure robust privacy compliance and AI governance in conducting business, which has a direct impact on their revenues and sustainability. There are clear examples of private organizations who adopted this approach and (have) proven to be competitive and successful.
“Organizations should communicate their data practices clearly to build public trust. Additionally, mandating that organizations document AI use cases involving personal data and ensuring periodic reviews of AI algorithms can help maintain compliance with privacy regulations.
“Governments can support this by providing resources, consultation, and training to enhance organizations’ privacy and AI governance capabilities.”
While legislation and corporate responsibility are critical, El-Masry says individuals must also be empowered to take charge of their own digital lives. He calls for greater awareness and education around data privacy.
“By adopting a proactive and unified approach, both organizations and governments can create a safer digital environment that prioritizes privacy for all,” he said.
As AI becomes increasingly entangled in the infrastructure of modern life, protecting privacy is no longer a niche concern — it’s a collective responsibility. From the laws that govern AI to the choices we make about which apps to trust, the future of digital safety depends on everyone playing their part.
As El-Masry puts it: “By working together, users and organizations can create a more secure digital landscape that respects privacy rights.”
Saudi and French experts explore opportunities for cooperation in sustainable agriculture
Saudi Arabia’s National Research and Development Center for Sustainable Agriculture, also known as Estidamah, welcomed a delegation from the French National Federation of Seed Potato Growers for an official visit during which they discussed opportunities for enhanced cooperation and exchanges of expertise.
The visitors learned about the center’s activities, including its research and technical programs and prominent projects that support the development of sustainable agricultural solutions in the Kingdom.
The center said the visit reflected its commitment to building strategic partnerships with leading international organizations, and the sharing of experience that can contribute to the development of the agricultural sector and improved food security.
The French federation, which specializes in support and development of potato seed production, oversees a number of research and technical institutions.
AlUla Skies Festival 2025 returns next week
- The festival features a variety of additional activities, including illuminated hot air balloon shows, tethered-flight and free-flight balloon rides over AlUla’s iconic landmarks, and musical concerts blending culture, exploration and entertainment
RIYADH: AlUla Moments has announced the return of the “AlUla Skies Festival 2025” from April 18 to 27, featuring a variety of new experiences.
The festival highlights the area’s clear, light-pollution-free skies and AlUla’s deep, ancient connection to astronomy, as it is home to Gharameel and AlUla’s Beacon, the first designated Dark Sky locations in the Middle East, recognized by the International Dark-Sky Association, solidifying AlUla’s status as a global hub for astro-tourism.
The festival offers visitors a rare opportunity to stargaze in a pristine natural environment, showcasing IDA-certified locations such as Gharameel and AlUla’s Beacon.
These spots are among the first official Dark Sky Sites in the region, reinforcing AlUla’s role as a leading destination for stargazing tourism.
Visitors can head to the Gharameel Reserve to view the Milky Way in one of the clearest skies in the region. The experience also includes night walks, camping sessions and grilled dinners around campfires.
The festival features a variety of additional activities, including illuminated hot air balloon shows, tethered-flight and free-flight balloon rides over AlUla’s iconic landmarks, and musical concerts blending culture, exploration and entertainment.
For more information about the AlUla Skies Festival, visitors can check the official website: https://www.experiencealula.com/en.
SFDA CEO meets German food safety president
- The meeting took place as part of the bilateral engagements on the sidelines of the sixth meeting of the International Heads of Food Agencies Forum, held in Chile from April 9-11
RIYADH: The chief executive officer of the Saudi Food and Drug Authority, Dr. Hisham S. Aljadhey, on Thursday met in Santiago with President of the German Federal Institute for Risk Assessment Dr. Andreas Hensel.
The meeting took place as part of the bilateral engagements on the sidelines of the sixth meeting of the International Heads of Food Agencies Forum, held in Chile from April 9-11.
According to a press release from the SFDA, both sides underscored the crucial role of regulatory authorities in forging robust partnerships with the private sector.
This collaboration is vital for developing and improving product quality, driving progress, and enhancing operational efficiency within a unified system that prioritizes product safety.
Discussions also centered on the importance of establishing an integrated regulatory system underpinned by reliable reference data, accurate quality testing, and transparent regulatory frameworks.
This foundation will foster greater confidence in regulatory information, improve the capacity for proactive risk assessment and response, and ultimately enhance product reliability and food safety.
Officials from the SFDA delegation also conducted a series of bilateral meetings with several counterpart regulatory bodies, including the UK Food Standards Agency, the Chilean Food Safety and Quality Agency, the New Zealand Food Safety branch of the Ministry of Primary Industries, and the Portuguese Economic and Food Safety Authority.
These meetings were geared toward fostering cooperation frameworks and enhancing integrated work with international organizations to serve food quality and safety objectives.
