Saudi private sector spends 9.2 billion riyals on cybersecurity, government agencies 4.1 billion riyals

The National Cybersecurity Authority revealed that the total spending of entities operating in the Kingdom on cybersecurity products, solutions and services during 2023 amounted to 13.3 billion riyals, and the share of government agencies is 4.1 billion riyals, representing 31% of the market size, and the share of the private sector is about 9.2 billion riyals, representing 69%, of which 2.8 billion riyals were spent by private sector establishments with sensitive infrastructure.

A report issued by the Authority today indicated that most of the spending of government agencies and private sector establishments with sensitive infrastructure on cybersecurity products, solutions and services is in large and very large entities, and medium-sized establishments were the highest spenders, as they represent the largest number of private sector establishments that require cybersecurity products, solutions and services.

The total number of cybersecurity cadres in the Kingdom reached 19.6 thousand specialists, of which women represent more than 32%, which exceeds the global average of women’s representation in the cybersecurity sector by 28%, as the global average of women’s participation in working in the cybersecurity sector is about 25%, and the number of providers of cybersecurity products, solutions and services reached 353 establishments. The share of products and solutions from the cybersecurity sector reached 56%, with a value of 7.5 billion riyals, and the share of cybersecurity services reached 44%, with a value of 5.8 billion riyals. The contribution to the GDP amounted to 15.6 billion riyals, 8.6 billion riyals directly and 7 billion riyals indirectly. The National Cybersecurity Authority confirmed that the sector has witnessed a vital and rapid development since its establishment in the Kingdom, as the work of establishing this sector began with its economic and security aspects and its various local and international dimensions, until the Saudi model in cybersecurity became a successful and global pioneering model in this field. The model in cybersecurity is distinguished by its comprehensiveness in addressing cybersecurity areas, whether legislative, security, economic or developmental. The Saudi model for cybersecurity is based on decentralization in operation, which falls under the responsibility of national authorities, and centralization in cybersecurity governance at the national level through centralization of organization, centralization of operations, and specifically centralization of cybersecurity assessment work. The Authority explained that the report was prepared in cooperation with specialized expertise houses, and the inputs of local and international experts and specialists were utilized; this study was also prepared over a period of two years, following the best standards and practices in this regard, and a comprehensive classification of products, services and solutions in the cybersecurity sector was prepared, as they were classified into more than 100 chapters. The National Cybersecurity Authority is the competent authority for cybersecurity in the Kingdom, and the national reference in its affairs. It aims to enhance it to protect the vital interests of the state and its national security, in addition to protecting sensitive infrastructure and priority sectors, and government services and activities. The Authority is also responsible for stimulating the growth of the cybersecurity sector in the Kingdom, encouraging innovation and investment in it, conducting studies, research and development in cybersecurity, and preparing periodic reports on the state of cybersecurity in the Kingdom at the national and sectoral levels.