Cybersecurity in the Middle East

Eman Ragab
Tuesday 5 Mar 2024

Middle Eastern policymakers are becoming increasingly aware of the emerging threats and potential cross-sectoral consequences of a possible cyberattack, writes Eman Ragab


The rapidly developing awareness of the threats posed by criminal activities utilising artificial intelligence (AI), electronic warfare (EW), drones, and other modern technologies has drawn increased international attention to the need for more robust cybersecurity strategies.

In our contemporary era, economic diversification and progress have become fundamentally linked to the integration of AI technologies into the economy. Globally, 40 per cent of jobs are now at least in some way related to cybersecurity and artificial intelligence.

In the Middle East, incorporating these technologies into economic activities will yield a 12 to 20 per cent growth in overall economic activity and greatly boost the regional and international competitiveness of many local industries.

Numerous Arab countries have set ambitious goals of transforming themselves into global financial, energy, and transportation hubs. Accordingly, their long-term development projects, such as Saudi Arabia’s Vision 2030, Egypt’s Vision 2030, Abu Dhabi’s Economic Vision 2030, and the Oman Vision 2040, emphasise the need to integrate modern technologies into the banking and other economic sectors while simultaneously fortifying cybersecurity systems.

The emphasis on cybersecurity enhancement is informed by an understanding that the adverse impacts of cybersecurity threats may involve much more than the loss or theft of stored data. Breaches could disrupt the operations of vital facilities and trigger economic crises that transcend national borders.

Middle Eastern policymakers are increasingly aware of the emerging threats, as evidenced in government efforts to raise awareness about the multidimensional and potentially cross-sectoral consequences of a cyberattack.   

However, these countries are still deficient in their capacities to safeguard digital information systems, the networks dependant on them, and stored data from cyberattacks and to contain the impacts should an attack occur. So far, their capacity-building efforts in this domain have largely focused on countering the use of the Internet by terrorist groups for recruiting and other purposes.

This often involves shutting down the Webpages and social media accounts used by terrorists on such platforms as Facebook and Telegram or attempting to trace their activities on the “Dark Web.”

While many Middle Eastern countries have begun to invest heavily in developing and upgrading their cybersecurity infrastructure in tandem with efforts to protect vital facilities, promote digital transformation, and integrate Big Data, AI, and cloud technologies into public services, they remain critically dependent on imported technologies.

The data platform Statista predicts that overall investments in cybersecurity are expected to reach about $538 billion by 2030. According to market research company Mordor Intelligence, the size of the cybersecurity market in the Middle East will come to around $2.9 billion by the end of the current year and nearly double to $5 billion by 2029.

However, the region’s reliance on imported technologies presents several problems. Firstly, it keeps the Middle Eastern countries dependent on commercial forces abroad. Secondly, the diversity of components and systems used hampers effective integration and coordination. Thirdly, in the absence of national capacities to produce and service the different technologies, these countries’ ability to address cyberthreats almost entirely relies on foreign providers.

Given such vulnerabilities, cybersecurity investment in the region must shift to a stronger emphasis on education to achieve three key priorities.

First, they should focus on educating students at higher education institutions in AI, Big Data, Cloud, and related technologies. This type of education is vital for generating a domestic pool of human resources capable of producing such technologies.

In other words, the goal is to move beyond the currently existing type of training we have in the region, which essentially involves how to use technologies made by others. A nationwide post-graduate programme could be launched towards this end, offering diploma courses in cybersecurity, Cloud, AI, or other technologies to all university graduates interested in this crucial sector regardless of their degree.

Second, a cybersecurity and related technologies component should be integrated into the educational curricula at all pre-university and university levels. This would focus on practical and perhaps also goal-oriented applications. For example, students could be encouraged to design graduation projects utilising these technologies for solving certain societal or local community problems.

Third, investment in the theoretical aspects of a technological education, the backbone of modern technology and its applications in cybersecurity and other fields, should be expanded. Generating the human research and development resources needed is indispensable for facilitating technology transfer and localisation, empowering us to produce the relevant technologies and applications ourselves.


The writer is director-general of the Regional Expertise Centre for Combating Drugs and Crime at NAUSS.

* A version of this article appears in print in the 7 March, 2024 edition of Al-Ahram Weekly

Short link: