Saudi Arabia implements cybersecurity framework

Saudi Arabia’s Communications and Information Technology Commission (CITC) announced the implementation of a regulatory framework to beef up cybersecurity in the Kingdom.

The “cybersecurity regulatory framework” for service providers in the communications, IT, and postal (services) sector aims to raise the security levels of service providers.

It seeks to ensure the implementation of adequate cybersecurity measures following the best international practices.

In a statement, CITC said the regulatory framework contains a comprehensive set of cybersecurity requirements and controls that will contribute to regulating the communications, IT, and postal service sectors.

The framework ensures an increase in the level of confidence in the integrity of the infrastructure of service providers, and the application of best practices to develop appropriate cybersecurity measures.

This regulatory framework also requires the adoption of a risk management methodology and the fulfillment of all cybersecurity requirements by service providers to enable them to deal with cyber threats effectively.

Saudi Arabia’s Vision 2030 and the National Transformation Program are accelerating primary and digital infrastructure projects intending to raise living standards.

The Kingdom has made notable progress in international indicators. It was ranked the most advanced and reform-driven country according to the World Bank’s “Doing Business” report. It also ranked third globally in terms of 5G networks.

Saudi Arabia’s cybersecurity professionals are also getting a boost through training initiatives to meet the growing threat of cyberattacks.
Dr. Muhammad Khurram Khan, a professor of cybersecurity at King Saud University and founder of the Global Foundation for Cyber Studies and Research, in Washington, DC, earlier told Arab News: “After the Saudi Aramco incident (Shamoon cyberattack) in 2012, the (Saudi) government embarked on a journey to bootstrap its resources toward building a resilient cybersecurity ecosystem to address the cyber risks from internal and external hostile adversaries.

“During the last few years, several local universities have commenced degree programs in cybersecurity to prepare skilled and professional experts to cater for the demand of the local public and private organizations,” he said.