Cyberattacks hit 95% of Saudi businesses last year, says study

(Shutterstock)
Short Url
Updated 12 August 2020

Cyberattacks hit 95% of Saudi businesses last year, says study

  • Data, money and reputation at risk

RIYADH: Cyberattacks hit 95 percent of businesses in the Kingdom last year, according to a new survey, as a cybersecurity expert warned that there was a lack of awareness in Saudi Arabia about the seriousness of such attacks and what people could do to protect themselves.

More than 800 global business and cybersecurity leaders took part in the survey, including 49 from the Kingdom. It was commissioned by a cybersecurity firm, Tenable Inc., and carried out by Forrester Consulting.

According to the study, 85 percent of Saudi survey participants had witnessed a dramatic increase in the number of business-impacting attacks in the past two years. The effects of the attacks were serious, with organizations reporting loss of customer or employee data, ransomware payments and financial loss or theft. Around 61 percent of security leaders in Saudi Arabia said the cyberattacks also involved operational technology.

Cybersecurity expert Abdullah Al-Jaber said the primary reason that most of these cyberattacks were successful in the region was due to a lack of awareness about the gravity of these incidents and the ways that people could protect themselves against them.

“A lot of cybersecurity attacks happen because of a lack of cybersecurity awareness in a company’s employees,” he told Arab News. “Many attacks start from phishing campaigns and lead to major incidents, similar to the attack that happened recently on Twitter,” he said, referring to a Bitcoin hacking scheme that happened on the social media platform last month.

Al Jaber recommended educating employees about proper internet security, keeping work and personal internet browsing and email access on separate devices if possible, and avoiding unsafe behavior such as pirating music, movies, and TV shows.

“Improving cybersecurity awareness to employees is key for companies to make sure they don't open any malicious links or files that might lead to an incident. Also, understanding the environment and which systems are exposed to the Internet and making sure those systems are hardened and protected. The National Cybersecurity Authority (NCA) has published frameworks for organizations to follow, which help many organizations in improving their cybersecurity maturity,” he added.

He also recommended choosing complex passwords for email access and enabling two-factor authentication protocols whenever possible for added security.

The Tenable poll showed that fewer than 50 percent of the security leaders who took part said they are framing cybersecurity threats within the context of a specific business risk. For example, although 96 percent of respondents had developed response strategies to the COVID-19 pandemic, 75 percent of business and security leaders said their response strategies were only “somewhat” aligned.

Al-Jaber warned that these attacks could be dangerous for many reasons and not only because of the financial impact they could have on companies, as many factors came into play in terms of phishing scams.

“Some of the impact caused by cybersecurity attacks are the loss of sensitive information such as customer or employee personal identifiable information, financial loss, and even to the company’s reputation. A company that is known for being more vulnerable to cyberattacks might have less of a value on the stock market or to potential investors,” he said.

A royal decree requires all organizations to improve cybersecurity standards and procedures to protect their networks, systems and electronic data, and commit to the adoption of policies, frameworks, standards, controls and guidelines issued by the NCA.


Saudi Ministry of Industry and Mineral Resources launches mining reserves, complexes and mining licenses service

Updated 52 min 46 sec ago

Saudi Ministry of Industry and Mineral Resources launches mining reserves, complexes and mining licenses service

  • The move comes as a preparation for the launch of the new mining investment system

RIYADH: The minister of industry and mineral resources, Bandar bin Ibrahim Alkhorayef, launched a service on Thursday giving people access to the Taadin (mining) electronic platform that will include all electronically submitted applications for licenses, the registry of all licenses issued by the platform and their procedures, and the registry of mining complexes and mining reserves.

This move comes as a preparation for the launch of the new mining investment system, which was recently approved by the government and will come into effect at the beginning of 2021.

The launch of these services comes in respect with Article 4 of the new mining investment system, as it seeks to promote transparency in the sector and provide all relevant parties with access to information about licenses and mining areas.

“The ministry has tirelessly worked, in cooperation with numerous consultancy firms specialized in the field of mining, to develop the new mining investment system, which is now aligned with the best international practices in the relevant field,” said Khalid bin Saleh Al-Mudaifer, deputy minister of industry and mineral resources.

 “We are currently working on preparing the executive regulations, conditions and necessary electronic models to deal with all kinds of license applications. We are also working to further develop the Taadin platform, which will be receiving and rapidly dealing with applications after all the requirements become available soon.

“When the regulations, conditions and models are completed, it will be possible, through this platform, to clarify and facilitate the requirements for licenses and businesses and receive the investors’ new applications,” he added, noting “this development in terms of mining-related legislations in the Kingdom is an important part of the Kingdom’s mining strategy, which is an integral part of the ambitious 2030 Vision and the National Industrial Development and Logistics Program, that aim at developing the mining sector, turning it into the third pillar of the Saudi industrial sector.”

The ministry invites all those interested in acquiring further information to visit the following website: https://www.dmmr.gov.sa/mop/pages/home.aspx.