Search form

You are here

  • Home
  • Democratizing cybersecurity expertise crucial to counter AI-fueled digital crimes: Microsoft executive


Democratizing cybersecurity expertise crucial to counter AI-fueled digital crimes: Microsoft executive

Joy Chik, president of Identity and Access Network at Microsoft.
Short Url

https://arab.news/2h7sn

Updated 03 October 2024
Nadin Hassan
Reem Walid
Follow

Democratizing cybersecurity expertise crucial to counter AI-fueled digital crimes: Microsoft executive

Updated 03 October 2024
Nadin Hassan Reem Walid

RIYADH: Democratizing cybersecurity expertise is essential to combat the rising threat of digital crimes fueled by AI tools, according to Joy Chik, president of Identity and Access Network at Microsoft.

In an interview with Arab News during the Global Cybersecurity Forum in Riyadh, Chik emphasized how AI can help bridge the workforce gap in cybersecurity.

In the first quarter of 2023, Microsoft reported a staggering tenfold increase in password-based attacks on cloud identities, escalating from 3 billion to over 30 billion per month.

The company also detected approximately 6,000 attempted cyberattacks daily over the past year, which included phishing scams and sophisticated nation-state-backed attacks targeting critical infrastructure.

“So, I think to address that, one way is to democratize the expertise in security, and that’s when Gen AI, what Microsoft would produce — the kind of copilot for security. These are the tools so that you can have the skill set to democratize and have more people enabled to leverage these tools to combat cybercrime,” Chik said. 

She added that AI can help alleviate the shortage of skilled labor in the industry. “Earlier, I talked about whether we have a shortage of cybersecurity labor, skilled laborers, if you will, and expertise, and AI is a way to democratize that.”  

“I do think it is really important that we’re not just on the defense, but also move to the offense,” Chik said. “When I say offense, it’s about secure by design, secure by default, and how we can defend against supply chain attacks.”  

Chik explained that threats range from “probably the simplest, which is attacking your credentials, passwords, or identity, to phishing attacks, and to more sophisticated, nation-state-sponsored ones, like targeting critical infrastructure.” She emphasized Microsoft’s commitment to enhancing security measures based on insights gained from real-world incidents, noting that a key aspect of the company’s Secure Future initiative is not only addressing immediate needs but also promoting a security-first mindset and culture.

Chik also highlighted Microsoft’s efforts to move toward a password-free future, stating, “We all know passwords are not secure, and yet they’re the most common way for people to log into their online services. How can we provide a simple yet more secure method for identifying individuals without requiring them to remember passwords?”

One proposed solution is passkey technology, a multi-factor authentication method developed in collaboration with Microsoft, Google, Apple, and other industry leaders.

“That is a phishing-resistant multi-factor authentication that does not require a password at all. At the same time, it uses your mobile phone, for example, but saves your credentials in a safe manner so they cannot be easily phished,” she concluded. 

Topics: GCF2024

New Child Protection in Cyberspace Index aims to improve online safety for kids

Updated 7 sec ago
MANAL AL-BARAKATI
Follow

New Child Protection in Cyberspace Index aims to improve online safety for kids

Updated 7 sec ago
MANAL AL-BARAKATI

RIYADH: The launch of the Child Protection in Cyberspace Index at the Global Cybersecurity Forum signifies a historic advancement in safeguarding children online, according to an international think tank.  

Yuhyun Park, founder and CEO of the DQ Institute, highlighted that the CPC Index reflects tangible change following last week’s UN General Assembly agreement on a global digital compact, which included child protection in cyberspace as a central focus.  

“The CPC Index is the first concrete action since that agreement, and what we are seeing is a very high level of commitment to move forward,” she told Arab News during an interview on the sidelines of the forum in Riyadh. 

The index, developed in collaboration with key partners including the International Telecommunication Union, UNICEF, and WeProtect and the GCF institute offers a comprehensive framework for understanding child safety online at the national level.  

It builds on the DQ Institute’s seven years of research into child online safety but expands to include the roles of parents, schools, technology companies, and governments.  

“The beauty of the CPC Index is that it looks at the entire ecosystem surrounding children online, from families and schools to ICT companies and government regulations,” Park said, adding that this 360-degree approach provides countries with valuable insights into how they can best utilize their resources to improve child safety online. 

The CEO emphasized that the initiative is not just driven by one organization or nation but is the result of global collaboration across public and private sectors.  

The index aggregates standards and measures from around the world, helping nations track their progress in reducing cyber risks for children. “We are connecting the dots globally, so nations can see how they can move from today’s reality to a safer digital future,” she said. 

Park highlighted that over 70 percent of children globally have experienced at least one cyber risk, according to the latest Child Online Safety Index from the DQ Institute. With the rise of artificial intelligence, or AI, this number could shift dramatically as new risks emerge.  

“AI is going to change the landscape of online risks for children, and we expect new forms of dangers to become normalized, like AI-generated deepfakes and increased exposure to fake news,” the executive said.  

She warned that while AI can be used to mitigate some risks, it also has the potential to exacerbate existing challenges at an exponential rate. “We are entering a phase where bad actors have access to even better tools, and the dynamic could change quickly.” 

In this context, the CPC Index serves as a critical tool for countries to understand their vulnerabilities and implement necessary measures to protect children from these evolving threats. “The goal is to reduce that 70 percent number to zero,” Park said, underscoring the urgency of global cooperation in tackling these risks. 

Park praised Saudi Arabia’s leadership in advancing child protection in cyberspace, describing the Kingdom’s efforts as “remarkable” and fast-moving. “Saudi Arabia has shown a humongous advancement since 2020 in digital citizenship, digital well-being, and child online safety,” she said, crediting the Kingdom’s leadership under Crown Prince Mohammed bin Salman and Vision 2030.  

The Kingdom’s proactive stance on child protection is paving the way for other nations, Park observed, as it moves quickly from dialogue to action. 

One of the Saudi Arabia’s achievements is the development of national frameworks for child online safety, including plans to integrate digital citizenship education into the national curriculum.  

“If digital citizenship is implemented from primary school, it will be a tipping point for ensuring long-term online safety for children,” Park said. She encouraged the Ministry of Education to make digital literacy a core part of early childhood education, noting that such measures could set a global standard. 

Park also called for greater involvement from the private sector in ensuring a safer digital environment for children. “Private sector companies that have created the digital environment need to take leadership on this topic,” she said, adding that Saudi Arabia is well-positioned to drive collaboration between public and private sectors at both national and global levels. 

She also stressed that big tech companies like Google, Meta, Amazon, TikTok, and Snapchat must work together to create consistent measures and reporting systems to track and reduce cyber risks for children.  

“This isn’t about competition — it’s about collaboration,” she said, urging tech companies to partner with the CPC initiative to ensure transparency and accountability in online safety. 

The CPC Index and the broader child protection initiative, she concluded, represent a critical step in ensuring that children are protected in an increasingly AI-powered world. “This is why the CPC commitment is historically important — we need to act together to put the right boundaries around children in the digital space,” she said. 

As Saudi Arabia and the global community work together on this initiative, the CPC Index will provide valuable data and insights to help nations create safer digital environments for children, according to the executive.  

“The pact for the future is a starting point, but real change happens with implementation, and that’s where the CPC Index will make a difference,” Park said. 

Topics: GCF2024

Collaboration key to strengthening global cyber resilience, says ITU official

Updated 15 min 48 sec ago
Reem Walid
Follow

Collaboration key to strengthening global cyber resilience, says ITU official

Updated 15 min 48 sec ago
Reem Walid

RIYADH: Domestic and international cooperation are crucial components of the global cybersecurity agenda, according to Doreen Bogdan-Martin, secretary-general of the International Telecommunication Union.

Speaking at the panel discussion titled “Navigating the future: Advancing international cooperation to build confidence in cyberspace” during the Global Cybersecurity Forum in Riyadh, she emphasized the urgent need for enhanced global efforts to combat cyber threats.

Bogdan-Martin noted that international collaboration is vital for addressing the transnational nature of these threats. Such cooperation allows for the sharing of best practices, intelligence, and resources, which strengthens collective cyber resilience.

In 2023, cyberattacks impacted over 343 million victims, and data breaches rose by 72 percent between 2021 and 2023, breaking previous records, according to Forbes Advisor.

“There’s still some gap that’s remaining. I think we are progressing on the right track, but we need to do more; we need to go faster; we need to go deeper,” she said.  

“We have a global cybersecurity agenda that we laid out back in 2007, and I actually think it’s still very relevant today,” Bogdan-Martin. 

She highlighted the importance of establishing a robust legal and regulatory framework, operational preparedness, and capacity building as critical components in addressing cyber challenges, adding that “cooperation, both domestically and internationally,” is vital. 

Bogdan-Martin noted that the landscape has become increasingly complex, particularly with the emergence of artificial intelligence. “Look at just the past year and a half and how generative AI has sort of swept the planet. I don’t think we understood how quickly the technology would evolve, but we knew that we had to be building safety by design back in the day,” she said. 

In a separate panel, titled “Crime Inc: The institutionalization of organized cybercrime,” Deputy Assistant Attorney General Josh Goldfoot from the US Department of Justice shed light on the structured nature of cybercrime. 

“The message I wanted to convey about how cybercrime is organized is that it is dispersed and centered around specialization,” Goldfoot explained. “One attack on a company requires several different components: malware, reconnaissance, penetration, and, finally, economic exploitation.” 

Goldfoot elaborated that cybercriminals often specialize in specific aspects of an attack and advertise their services to others in online forums. 

Experts from technology, public policy, defense, and other sectors gathered in Riyadh for the two-day Global Cybersecurity Forum, focusing on the theme “Advancing Collective Action in Cyberspace.” 

The event was aimed at enhancing multi-stakeholder engagement and driving joint initiatives on key strategic priorities, featuring five core sub-themes that address critical aspects of cybersecurity. 

Topics: GCF2024

Saudi Arabia’s cybersecurity market poised for growth amid rising investments

Updated 37 min 18 sec ago
Nadin Hassan
Follow

Saudi Arabia’s cybersecurity market poised for growth amid rising investments

Updated 37 min 18 sec ago
Nadin Hassan

RIYADH: The cybersecurity market in Saudi Arabia is set for significant growth, fueled by increasing technology investments and the rising demand for digital protection.

Hesham Al-Taleb, VP of R&D at Saudi Information Technology Co., highlighted this trend in an interview with Arab News, noting that as technology investments rise, the need for cybersecurity will grow correspondingly.

Al-Taleb explained that the relationship between technology investment and cybersecurity is intertwined; more economic activity and digital business operations lead to greater requirements for cybersecurity measures.

Recent data from the National Cybersecurity Authority reveals that Saudi Arabia’s investment in cybersecurity products, solutions, and services rose to SR13.3 billion ($3.55 billion) in 2023, marking a 10.83 percent increase from the previous year.

Al-Taleb also pointed out the unique challenges organizations face regarding cybersecurity threats, which can disrupt vital services. He anticipates continued growth in both cybersecurity solutions and advisory services, alongside a burgeoning demand for skilled professionals in the field.

Al-Taleb underscored the essential role of partnerships in achieving success, whether with regulators, customers, or international entities. He emphasized that collaboration is vital for fostering effective relationships.

A key aspect of their approach is actively listening to customers’ needs and pain points, which helps in developing effective products and solutions. This strong focus on customer engagement not only informs product development but also highlights the significance of advisory services within their operations. By providing tailored guidance, they ensure that clients receive the support necessary to tackle their specific cybersecurity challenges effectively.

“We also work hand-in-hand with the NCA as their technical arm to make sure that the regulations and the things that are done from the policies side are actually aligning with the challenges,” Al-Taleb said.

He added: “When it comes to cybersecurity, challenges meet either on the technology side, on the governance side.”

Al-Taleb noted that cybersecurity was identified as a critical issue for Saudi Arabia in 2017, prompting its incorporation into a national strategy. This led to the establishment of NCA as the regulatory body responsible for overseeing digital defense initiatives.

Endorsed by a royal order, the plan aims to protect the Kingdom’s national entities and critical infrastructure while also capitalizing on economic opportunities within the expanding cybersecurity and secure-by-design technology sectors. This strategic approach underscores the importance of cybersecurity not only as a protective measure but also as a driver of economic growth.

Topics: GCF2024

Aramco Digital aims to make Saudi Arabia a cybersecurity, AI leader, says top executive

Updated 03 October 2024
Reina Takla
Miguel Hadchity
Follow

Aramco Digital aims to make Saudi Arabia a cybersecurity, AI leader, says top executive

Updated 03 October 2024
Reina Takla Miguel Hadchity

RIYADH: Aramco Digital is at the forefront of Saudi Arabia’s shift toward a technology-driven economy, implementing key initiatives in cybersecurity, 5G infrastructure, and artificial intelligence.

In alignment with Vision 2030, the company is developing an industrial 5G network and a major AI-driven data center, positioning the Kingdom as a global tech leader and driving economic growth through digital innovation.

In an interview with Arab News at the Global Cybersecurity Forum in Riyadh, Margarete Schramboeck, a board member of Aramco Digital, highlighted the firm’s crucial role in Saudi Arabia’s digital transformation, particularly in cybersecurity and its industrial applications.

“Cybersecurity plays an important role not only for our private lives but especially for the business lives,” Schramboeck said, highlighting the importance of Aramco Digital and its subsidiary, Cyberani, in safeguarding companies, industrial sectors, and government authorities. 

Their priority is to create safer and more productive environments. “It’s one of our focuses,” she added.

As a comprehensive information and communication technology company, Aramco Digital is working to enhance Saudi Arabia’s online infrastructure. 

The firm has secured a license to develop an industrial private 5G network, which will soon be deployed across the country. This network will serve as a foundation for industrial companies and government entities. 

Schramboeck also shared that Aramco Digital is collaborating with US artificial intelligence company Groq to build a major data center designed for storage and AI-focused processing. 

“Most importantly, it (the data center) is Saudi, and it is important that we see that this is an important aspect,” she added.

This facility aims to become one of the largest in the Middle East, potentially the world, driving the Kingdom’s ambition to be a global hub for AI and digital innovation.

The company’s commitment aligns with Vision 2030, Saudi Arabia’s blueprint for economic diversification. “Helping Saudi Arabia and the region in this digital transformation is key for us,” Schramboeck said, emphasizing the local origin of the data center and its role in shaping the Kingdom’s future.

Schramboeck also discussed the critical role of cybersecurity in enabling broader digital transformation. “We cannot do anything today without cybersecurity,” she stressed, linking it to the resilience of economies worldwide. 

She praised the Global Cybersecurity Forum for spotlighting the skills and innovative potential within the sector, underscoring its importance in building economic resilience.

Reflecting on the Kingdom’s digital progress, Schramboeck expressed admiration for the country’s advancements, particularly in the public sector, highlighting that “Saudi Arabia and the government sector is ahead of a lot of European countries.” 

While she acknowledged the potential for cooperation between the Kingdom and Europe, particularly in industrial automation, she emphasized that Saudi Arabia has been making remarkable strides in achieving its goals through investment in both funding and manpower.

Schramboeck concluded by expressing her desire to help bridge the gap between the Kingdom and mid-sized European companies specializing in industrial automation. 

“There are a lot of mid-sized European specialized companies in this field. Sometimes they don’t know about Saudi Arabia, they don’t dare to come here,” she said, expressing her commitment to fostering collaboration and growth in this field.

Topics: GCF2024

Saudi Arabia urges global cooperation to build trust, strengthen cybersecurity frameworks

Updated 03 October 2024
Nadin Hassan
Follow

Saudi Arabia urges global cooperation to build trust, strengthen cybersecurity frameworks

Updated 03 October 2024
Nadin Hassan

RIYADH: Saudi Arabia’s efforts to spearhead global cooperation in digital defense took center stage at the Global Cybersecurity Forum held in Riyadh, as building trust via a global partnership is key, according to an official.

Speaking during a panel session at the event, the Minister of State for Foreign Affairs, Adel Al-Jubeir, highlighted the Kingdom’s proactive stance in building international trust in the digital space.

“There are areas where that can be used in order to build confidence, and that confidence helps us work better with each other,” Al-Jubeir said.

He added: “Because one, I understand two issues, one on the protection of children, and one on the empowerment of women. I don’t believe anyone on this globe can not appreciate and support the importance of protecting our children from evil on the Internet.”

Al-Jubeir pointed out that cybersecurity is no longer just a technical issue but a crucial factor in attracting investment. 

“When investors look at countries, they look at cybersecurity. It’s become now one of the main, if not the main issue,” he said. 

Al-Jubeir continued: “Would you invest in a company in which you cannot use the Internet safely? Of course not, so this is an incentive for countries to do something about enhancing and protecting their networks.”

Adding to the discussion, the former Indian Minister of Foreign Affairs, Shyam Saran, underlined the urgency of keeping pace with the quick advancements in cyber technology. 

“The speed of change is so rapid that states are constantly playing catch-up, both in terms of domestic laws and international agreements,” he said. 

Saran added: “Because of the speed of change that is taking second here you have a technology which is, in fact, in the nature of what I would call a multiplicator. That is, it has an impact across various domains.”

He highlighted that cybersecurity impacts multiple sectors, including defense and energy, making collaboration even more essential.

Al-Jubeir stressed the complexities of cybersecurity compared to other global challenges, such as trade or environmental issues. 

“With cyber, a single individual sitting in a dorm room can wreak havoc on a nation’s electricity system, banking system, or defense system,” he said. 

This global nature of cyber threats, he explained, necessitates a collaborative effort among nations to develop a unified framework of laws and procedures that protect cyberspace.

This proactive approach is part of Saudi Arabia’s broader strategy to position itself as a responsible global actor, connecting continents through its strategic geographic location. 

“Our policy has always been about connectivity — whether it’s data lines, sea lanes, or air traffic. We are cognizant of the responsibilities and opportunities our position offers the global community,” Al-Jubeir said. 

He added: “Saudi Arabia is all about bridge building. Just look at our geographic location cases between three continents: Asia, Africa, and Europe. The more bridges we build, the more connectivity we have, whether that connectivity is shipping, whether it’s data lines, whether it’s cyber, whether it’s thought connectivity.”

Additionally, the minister underscored the comprehensive nature of the Kingdom’s approach to cybersecurity, which aligns closely with its Vision 2030 initiative. 

This sweeping reform plan aims to diversify the economy and create a secure digital environment conducive to technological innovation and investment.

Al-Jubeir highlighted how the digital age has transformed global job creation and industries, making it easier for countries to benefit from outsourcing through cyber technologies.

“In the past, nations hosted call centers which created jobs and spin-off industries,” he said, adding that today’s technologies, such as 3D printing, enable production across borders, creating even more opportunities. However, he warned that these advantages will only be realized by countries that establish a solid legal framework and secure their networks from vulnerabilities.

Al-Jubeir pointed to Saudi Arabia’s Vision 2030 as a prime example of a comprehensive reform initiative that integrates economic and social development with a focus on cybersecurity.

“What we have done in Saudi Arabia when you look at Vision 2030 is very comprehensive,” he said. The minister emphasized the importance of ensuring every aspect of society is connected and protected from cyber threats, stressing that even a single weakness in the system could lead to widespread disruption.

Reflecting on the need for agility in the digital economy, Al-Jubeir urged nations to be quick and adaptable to maintain their competitive edge. 

“If you’re not quick on your feet and comprehensive, you’re going to lose, and you are going to forfeit opportunities,” he said. 

Al-Jubeir also emphasized the importance of global collaboration in cybersecurity, advocating for shared baselines and codes of conduct that will help create a secure international framework. 

He added: “Very optimistic that we can get there, but the key is to get globally everyone to think in terms of baselines.”

Topics: GCF2024 Global Cybersecurity Forum Global cybersecurity

Related

Special
Business & Economy
Democratizing cybersecurity expertise crucial to counter AI-fueled digital crimes: Microsoft executive
Business & Economy
Saudi Arabia calls for harmonized international efforts to ensure cybersecurity

Latest updates

Lebanon army fires at Israel in first after soldier’s death
Pakistan eyes increasing exports to Russia to $4 billion in next 5 years
Lebanon army fires at Israel in first after soldier’s death
Foreigners flee Lebanon as Israeli offensive intensifies
Indian court halts release of Pakistani blockbuster “The Legend of Maula Jatt”

Search form

Print Edition
Read pdf version Subscribe now
© 2024 SAUDI RESEARCH & PUBLISHING COMPANY, All Rights Reserved And subject to Terms of Use Agreement.