US National Cyber Director calls for global cybersecurity overhaul at Riyadh forum

US National Cyber Director calls for global cybersecurity overhaul at Riyadh forum
US National Cyber Director Chris Inglis. AN
Short Url
Updated 30 sec ago
Follow

US National Cyber Director calls for global cybersecurity overhaul at Riyadh forum

US National Cyber Director calls for global cybersecurity overhaul at Riyadh forum

RIYADH: Cyberspace has become increasingly fragile due to decades of prioritizing innovation and market efficiency over security, according to experts at the Global Cybersecurity Forum in Riyadh. 

The discussion highlighted that attackers, often organized in syndicates, have outpaced defenders, who are typically constrained by operating in silos, making cybersecurity a global challenge that requires collective action.

US National Cyber Director Chris Inglis stressed the inherent vulnerabilities in digital infrastructure, attributing it to the rapid pace of technological development. 

“For 50 years, as we’ve developed the internet and all of the associated technologies, innovation and market efficiency have been the predominant drivers, and safety has always been the poor third child in the corner,” he said. 

This oversight, he highlighted, has left many systems challenging to defend, with resilience often being an afterthought.

Inglis emphasized the importance of moving beyond isolated defense strategies, advocating for closer collaboration between governments, private sectors, and international bodies. 

He proposed a new “social contract” for cyberspace, fostering shared responsibility to address existing vulnerabilities and emerging threats. 

According to Inglis, frameworks for information sharing and collective action are key to closing the gap between attackers and defenders.

The conversation also turned to the increasing role of artificial intelligence in cybersecurity. 

While acknowledging that AI is currently being used more effectively by attackers, Inglis expressed optimism about its potential to serve as a powerful defensive tool. 

“At the moment, generative AI tends to be more frequently used by the attacker, so that at the moment is something where the attackers are ahead of the defenders. That’s not necessarily the way it needs to be,” Inglis stated. 

He called for a more strategic approach to AI development, with a focus on ensuring that it remains under human control and aligned with ethical standards. “We should not, must not, develop AI for its own sake. We have to develop it because we have some plan in mind of what we want it to do,” he emphasized.

Inglis outlined key actions needed to bolster global cyber resilience. These include establishing information-sharing protocols, encouraging collaboration across sectors, and leveraging government resources to complement private sector capacities, particularly in critical areas like finance. 

Governments, he suggested, have unique access to intelligence that can inform broader defense strategies, while the private sector excels at innovation and rapid deployment of solutions.

The panel also stressed the need for proactive measures to stay ahead of evolving threats. The global community can create a safer, more resilient digital environment by prioritizing security in future innovations and ensuring that AI technologies are developed responsibly. 

These remarks echo the notions raised during the discussions at the UN General Assembly in September, where global leaders called for robust AI governance to prevent its misuse in spreading misinformation and destabilizing democratic processes. 

Concerns over cybersecurity developments were raised at another panel at the forum in Riyadh by Paul Selby, chief information security officer at the US Department of Energy.

He painted a bleak picture of the current state of global defensive capabilities in the industry, but added: “Now, what gives me hope? This gives me hope that we're all here. We're all talking about it. The first step in correcting any problem is recognizing the problem,.” 

He added that the cost of attacks through supply chain risk management, or as a result of not having supply chain risk management, was $46 billion in 2023 and that is expected to rise to $60 billion in 2025.

“There was last year, 245,000 malware instances in Open Source Software. That's more than double the previous four years,” he added.

“Our adversaries are moving faster than we are reacting," Selby stressed, underscoring the need for a united global response.


Saudi Arabia can Pave the way in combating online child abuse, says expert

Saudi Arabia can Pave the way in combating online child abuse, says expert
Updated 17 sec ago
Follow

Saudi Arabia can Pave the way in combating online child abuse, says expert

Saudi Arabia can Pave the way in combating online child abuse, says expert

RIYADH: Saudi Arabia could become a global leader in combating online criminals who target children in cyberspace, according to an expert. Speaking to Arab News at the Global Cybersecurity Forum in Riyadh on Oct. 2, Iain Drennan, executive director of WeProtect Global Alliance, emphasized that identifying vulnerable users is crucial to preventing online crimes against children.

Saudi Arabia is hosting the GCF to advance collective actions and ensure a safe online space for everyone globally.

“It is incredibly important to integrate child online protection elements into our conception of cybersecurity. Saudi Arabia, with its pivotal role between east and west, between north and south, can bring together lots of the different voices that we need to have in the room to be able to move forward in this space,” said Drennan.

He added: “Looking from a child online protection perspective, it’s about identifying some of these most vulnerable users and ensuring that it’s not the responsibility on them to manage their own protection. It’s not even the responsibility of parents and caregivers. It should be the responsibility of governments and of the private sector to ensure that the tools are in place, that it’s safety by default.”

During the talk, Drennan stressed that collaboration among countries is necessary to ensure children can safely enjoy the benefits of the Internet and the digital world. “This is a problem that cuts across borders. So, you could have a child in Saudi Arabia using a social network that’s headquartered in the US, targeted by an abuser in another country entirely. So there needs to be collaboration between all of those different countries to be able to ensure that child is protected,” he added.

According to the cybersecurity expert, events like the Global Cybersecurity Forum will play a pivotal role in combating child exploitation online, as they gather global leaders and industry experts to address potential threats.

“Gatherings like the Global Cyber Security Forum play a really important role in bringing the global majority and the countries where the big tech platforms are headquartered together, so that we can develop solutions. A big part of that is information sharing,” he said.

Drennan noted that organized crime groups view online illicit activities as a business for financial gain.

In January, the World Economic Forum cited data from the International Monetary Fund and the Federal Bureau of Investigation, predicting that the global cost of cybercrime will surge to $23.84 trillion by 2027, up from $8.44 trillion in 2022. He pointed out that online criminals are increasingly using advanced AI technologies, like deepfake, to create intimate images for blackmailing children.

“What the criminals really trade on is the blame and the shame that the victims feel. And the other issue we have now is AI. AI is making that whole process a lot faster because they don’t need to trick victims into providing real images. They can create a deepfake and still blackmail, threatening to send it to family or friends unless they pay,” said Drennan.

He added that addressing online child protection is crucial for Saudi Arabia, given the young population's interest in online gaming. “It is definitely a key issue for Saudi Arabia to address cybercrimes. Sony Interactive Entertainment is one of our members, and they say Saudi Arabia is one of their key growth markets in terms of gaming. So, we know that children are online,” he said.


Closing Bell: Saudi main index closes in red at 12,044 

Closing Bell: Saudi main index closes in red at 12,044 
Updated 12 min 29 sec ago
Follow

Closing Bell: Saudi main index closes in red at 12,044 

Closing Bell: Saudi main index closes in red at 12,044 

RIYADH: Saudi Arabia’s Tadawul All Share Index shed 209.47 points, or 1.71 percent, on Wednesday to close at 12,044.07. 

The total trading turnover of the benchmark index was SR8.12 billion ($2.16 billion) with 10 stocks climbing and 226 retracting.  

Saudi Arabia’s parallel market Nomu also slipped by 354.29 points to end the trading at 24,954.76. 

The MSCI Tadawul Index fell by 1.68 percent to close at 1,508.09. 

The best-performing stock on the main market was Al-Baha Investment and Development Co. The firm’s share price surged by 8.33 percent to SR0.26. 

Other top gainers were East Pipes Integrated Co. for Industry and The National Co. for Glass Industries, whose share prices soared by 2.03 percent and 1.67 percent, respectively.  

The worst-performing stock of the day was Amana Cooperative Insurance Co., as its share price declined by 5.99 percent to SR11.62.  

On the parallel market, Naseej for Technology Co. and Enma AlRawabi Co. were the top gainers with their share prices soaring by 8.86 percent and 7.89 percent, respectively.  

The worst performer on Nomu was Naba Alsaha Medical Services Co. as its share price dropped by 9.80 percent to SR81.  

On the announcements front, Retal Urban Development Co. signed two agreements worth SR702.02 million with ROSHN to purchase and develop residential land for 644 housing units, as well as infrastructure works in Sedra residential neighborhood in Riyadh. 

In a Tadawul statement, Retal said that the project’s impact on the company’s financial performance will be visible from 2025 to 2027. The company also added that there are no related parties to the deal.   


Saudi state-backed funds eye stakes in Canadian mining firms, says industry minister 

Saudi state-backed funds eye stakes in Canadian mining firms, says industry minister 
Updated 26 min 9 sec ago
Follow

Saudi state-backed funds eye stakes in Canadian mining firms, says industry minister 

Saudi state-backed funds eye stakes in Canadian mining firms, says industry minister 

JEDDAH: State-backed Saudi funds are seeking to acquire stakes in Canadian mining firms as part of efforts to enhance the Kingdom’s global influence in the sector and diversify its economy beyond oil, said a top minister. 

During his visit to the North American country, Saudi Minister of Industry and Mineral Resources Bandar Alkhorayef asserted that there are no barriers to the Kingdom’s investments in the Canadian mining sector, despite local regulations that restrict investments by foreign state-owned entities, as reported by Al-Arabiya TV channel. 

In 2023, Saudi Arabia’s non-oil exports to Canada totaled SR140 million ($37.33 million), mainly comprising base metals and plant products. Conversely, non-oil imports from Canada reached SR2.89 billion, including locomotives, pharmaceutical products, and electrical devices. 

In a post on his X account, Alkhorayef said: “In Toronto, Canada, I met with the Chairman of the Saudi-Canadian Business Council and highlighted the council’s crucial role in enhancing trade relations between the two nations.” 

He noted that the council serves as a vital platform for connecting private sector leaders and fostering partnerships that leverage shared investment opportunities. 

The visit, following a similar tour in the US, aims to attract Canadian companies to explore essential minerals such as copper in the Arabian Peninsula. 

During its stops in Ottawa and Toronto, the Saudi delegation held strategic meetings with government officials and private sector leaders, resulting in memoranda of understanding aimed at advancing the industrial and resource sectors. 

Alkhorayef commenced his visit with a tour of the Toronto Stock Exchange, where he met with the CEO and representatives from various listed resource companies. Discussions focused on investment opportunities in the sector, underscoring the Kingdom’s potential and the incentives available for investors. 

Leading the delegation, Alkhorayef explored the latest digital financial technologies in the stock market and met with key global players in the resource and geological survey sectors. He also visited the University of Toronto and institutions dedicated to industrial innovation and capacity development. 

The Saudi minister participated in a roundtable meeting organized by the Saudi-Canadian Business Council, attended by Ontario’s Lt. Governor Edith Dumont and Associate Minister of Mines Stephen Crawford. 

The meeting focused on opportunities in the Kingdom’s industrial and resource sectors, as well as the advantages of investing in Saudi Arabia. 

Additionally, Alkhorayef met with Sebastian Goodfellow, director of the university’s Lassonde Institute of Mining, and interacted with Saudi students studying in Canada. 

In Ottawa, he held discussions with various government officials, including the Minister of International Development Ahmed Hussen and Minister of Innovation, Science, and Industry François-Philippe Champagne, emphasizing the Kingdom’s commitment to strengthening bilateral relations. 


Experts call for global cybersecurity rules, echoing nuclear age diplomacy

Experts call for global cybersecurity rules, echoing nuclear age diplomacy
Updated 32 min 25 sec ago
Follow

Experts call for global cybersecurity rules, echoing nuclear age diplomacy

Experts call for global cybersecurity rules, echoing nuclear age diplomacy

RIYADH: In light of rapidly advancing technology outpacing regulatory measures, experts at an event in Riyadh emphasized the steps needed to address cyber risks and foster responsible state behavior.

The Global Cybersecurity Forum showcased speakers discussing the evolving landscape of cyber diplomacy and the imperative for collective action.

Robin Geiss, director of the UN Institute for Disarmament Research, noted that discussions around cybersecurity at the UN have been ongoing for over 25 years. “Technology is not that new for the UN anymore... it’s a dialogue between everyone,” he stated, underscoring that this dialogue serves as a confidence- and transparency-building measure.

Geiss pointed out the difficulty in measuring the impact of these dialogues, saying, “When things escalate, we see directly the cost of human life... But of course, we don’t see so clearly what we’ve prevented.” He stressed the complexities of keeping pace with technology, adding, “Diplomacy and progress at the multilateral level move at the speed of trust.”

Highlighting the current geopolitical climate, Geiss observed a significant trust deficit that complicates multilateral mechanisms in cybersecurity. “What we really need is more progress in action than in theory or proclamations,” he asserted. “We know what we need to do... So how do we move forward at the implementation stage? That is really the challenge.” He praised initiatives like the GCF that unite diverse entities and individuals, while emphasizing that universal bodies like the UN are essential for effective coordination.

Concrete effort

Massimo Marotti, managing director for Strategies and Cooperation at Italy’s National Cybersecurity Agency, highlighted the necessity of concrete collective efforts within Europe.

“You mentioned concrete effort—that’s exactly what we do at the European level. We have 27 agencies for cybersecurity, and our regular meetings lead to concrete measures,” Marotti said.

He cited a recent meeting in Athens, where they addressed the post-quantum cryptography threat, warning, “In a few years, the computer revolution will make all the codes and keys we use today useless unless we change them.” He emphasized the importance of coordinated action, as Europe’s interconnected infrastructure means insecurity in one nation can pose risks for others. Marotti also mentioned forthcoming European regulations designed to enhance cybersecurity across the continent, stating, “We also work with partner countries, not only the EU. For instance, we recently signed a cooperation agreement with Albania.”

Adam Hantman, deputy director of the Bureau of Cyberspace and Digital Policy at the US Department of State, discussed ongoing global efforts to establish cybersecurity norms. “Essentially, what we’re doing here as a community is mapping out the rules of the road to govern a completely new domain,” he explained. He drew parallels to the dawn of the nuclear age, noting, “It took decades for the international community to establish norms and rules governing state roles in that space.”

Hantman emphasized the UN's critical role in cyber diplomacy and highlighted the Counter Ransomware Initiative in Washington, which now includes nearly 70 countries and organizations focused on combating ransomware.

In a separate panel, Heidi Crebo-Rediker, a senior fellow at the Council on Foreign Relations, expressed skepticism about the UN as the central platform for cybersecurity discussions. “I think the UN’s probably not the right place, but there are a lot of mini-lateral spaces where this is very active,” she remarked, suggesting alternative frameworks may be more effective for addressing cybersecurity challenges.


Cybersecurity is not just about securing data, Schneider Electric official says 

Cybersecurity is not just about securing data, Schneider Electric official says 
Updated 35 min 21 sec ago
Follow

Cybersecurity is not just about securing data, Schneider Electric official says 

Cybersecurity is not just about securing data, Schneider Electric official says 

RIYADH: The notion that cybersecurity is limited to securing information technology has been labeled a misconception, according to a top official from Schneider Electric. 

In an interview with Arab News during the Global Cybersecurity Forum in Riyadh, Abdulrahman Al-Musfir, regional head of the French multinational corporation’s cyber safety unit in the Middle East and Africa, emphasized that including operational technology is crucial for comprehensive cybersecurity. 

“When we speak about cybersecurity, we need to differentiate between IT cybersecurity and OT cybersecurity. So, for IT security, we are protecting information, data. However, in the OT security, we are protecting the process. Whether it’s a power plant, whether it’s an oil and gas plant, whether it’s a manufacturing production line. All these are considered as operational technology or industrial control systems,” Al-Musfir said.

“At Schneider Electric, we manufacture and we conduct maintenance and services for these systems and solutions. And it is part of our duty as a digital company for producing these solutions to make sure that they are secure by design and secure by operations,” he added. 

Al-Musfir explained that understanding securing systems and operation processes is critical when it comes to infrastructure and energy sectors. 

“The theme of this forum is advancing collective action. And when we speak mainly about the critical infrastructure sector, including oil and gas, electricity, and water, for nations, this is one of the most sensitive sectors or industries that we have for any nation,” he said. 

He highlighted that such sectors impact human safety and national economies. “For this critical infrastructure, we need to secure the full supply chain related to any systems, solutions for any automation that is part of this critical infrastructure,” he added.

According to Al-Musfir, establishing strong cybersecurity resilience requires full alignment between the producers of technology and its participants, such as end users in petrochemical companies, oil firms, and government entities. 

He emphasized that government regulations must be implemented to enable the industry and secure it effectively. 

“There must be a balance between innovation and security restrictions and control, and it is our role as a collective action to ensure that we put all these cybersecurity risk mitigations across the full value chain for this kind of industry or sector,” he said. 

The GCF is scheduled to take place from Oct. 2-3 under the theme “Advancing Collective Action in Cyberspace,” with the goal of enhancing multi-stakeholder engagement and driving joint initiatives on key strategic priorities.