Abu Dhabi
Source: Mufakiru Alemarat
Dr. Ali Mohamed Al Khouri
As global reliance on AI grows as a driving force for transformations across economic sectors, national economies face complex and endless challenges. This progress comes with complex cybersecurity challenges that make protecting the nation’s economic resources and assets more important than ever. These realities require policymakers to understand the interconnected dimensions of increasing technological reliance and the security risks associated with it, and to formulate strategies that balance maximizing the use of technological capabilities with addressing potential risks that could threaten market stability, business processes, and national economic development.
The impact of cybersecurity on the global economy
Current estimates suggest that losses from cybercrime could reach $10.5 trillion annually by 2025, up from $3 trillion in 2015. This dramatic increase reflects the escalation of cyberattacks, which pose a clear challenge to commerce and business, and the level of trust in digital environments and systems.
Financial institutions have reportedly become the most targeted by cyber attacks due to the sensitivity and high value of the data they handle. In 2023, they witnessed a sharp increase of 72 percent in data leaks compared to the previous year. According to a report issued by the International Monetary Fund last April, attacks on financial companies accounted for about a fifth of all cyber attacks, and banks remained the most prominent target of these attacks. A report issued by IBM this year also showed that the financial services and insurance sector was the most exposed to cyber attacks in the Middle East and Africa region in 2023, accounting for 44 percent of the total attacks in the region.
On the other hand, many government institutions have been exposed in recent years to cyber attacks that have led to the leakage of sensitive data and the disruption of public services in various vital sectors. The most prominent examples of this are the announcement by government institutions in the United States, France and Germany, in the first half of this year, that they were exposed to “unprecedented cyber attacks” that targeted shared networks and their electronic systems, and led to the disruption of service portals for citizens, transportation services and energy networks, and caused temporary power outages.
In general, what global reports reveal is the inability of security measures and preventive measures to keep pace with the development of attacks that have become difficult to detect and confront, despite the large budgets allocated by countries and companies to protect infrastructure in various sectors.
AI weapon
Artificial intelligence has added a new dimension to the cybersecurity equation; it clearly plays dual roles that may conflict or complement each other, depending on how it is used; on the one hand, it represents an ideal tool that can be used to support protection defenses, and raise the level of efficiency, flexibility, and security preparedness; but on the other hand, it may be used to develop harmful and unethical hacking techniques, and diversify offensive and unexpected methods, such as machine learning and deep forgery, which also make it more difficult to protect systems and information.
Recent studies show that generative AI, which can automatically create new content and generate data similar to the data it has learned from, has become an unprecedented possibility for developing complex cyber attacks and executing them in ways that were not possible before. This development has opened up new horizons for cyber attacks, especially in executing “phishing” and “social engineering” attacks through robots that operate and make their tactical decisions on their own.
Global Cybersecurity Response
Globally, there is a high level of awareness among governments and international institutions about the need to adapt to technological progress and adopt sound policies to confront cyber challenges; however, in general, they vary from one country to another.
According to some statistics, global spending on cybersecurity and IT risk management services is expected to reach about $200 billion this year, an increase of 12 percent compared to the previous year. As for the Middle East region, expectations indicate that spending on cybersecurity will reach about $36 billion by 2026, at a compound annual growth rate of 15.2 percent.
The increase in global spending, according to these statistics, indicates that cybersecurity has become an essential criterion that reflects countries’ readiness for the era of digital transformation, and that cybersecurity has become an actual challenge that crosses borders, with the emergence of high-tech means that allow cyberattacks to launch from anywhere, targeting countries, companies and infrastructure regardless of geographical location.
Strategic Recommendations for Policy Makers
All of this makes it clear that the road ahead for policymakers will be rough and even thorny. Although solutions may seem feasible in theory, implementing them requires flexible and innovative strategies to strike the right balance in the changing technology landscape and find practical ways to overcome the overlap between economic interests and cyber risks. The following six pillars present some of the axes that may support current national policy frameworks.
• Shift from regulation to dynamic adaptation
Policymakers should shift from a regulatory framework based on traditional, static security and risk management practices to dynamic, adaptive models that allow for automatic and proactive updating of legislation and policies to address new technologies and evolving threats. Such models require ongoing monitoring and evaluation mechanisms by establishing institutional units to continually review and adjust policies as needed to ensure their effectiveness and ability to address emerging threats.
A study issued by the global consulting firm McKinsey confirms this matter, as it showed that organizations that adopted a dynamic approach to their security policies were able to reduce cyber risks by 30 percent compared to those that relied on fixed institutional frameworks that are limited to periodic updates and do not change except according to specific timetables.
• Interactive information networks
The creation of interactive cyber platforms is an important pillar to go beyond traditional information exchange mechanisms and make them work as a smart safety network. Such platforms provide public and private sector organizations with a digital environment to ensure the implementation of general controls regulating system protection, monitoring data movement, detecting threats, and increasing the level of coordination regarding mechanisms for reporting security breaches.
International reports issued by the Organization for Security and Co-operation in Europe (OSCE) and the International Telecommunication Union (ITU) show that the presence of such platforms contributes to supporting cyber capabilities and security resilience, enabling them to act as an early warning system, in addition to developing advanced defensive response mechanisms at the national and international levels; which creates a safe environment for digital investment, and nurtures the confidence of individuals and companies in institutional systems.
• Qualifying a new generation of competencies
The cybersecurity skills gap must be addressed; despite technological advances, the need for human resources capable of supporting security readiness remains. Reports indicate that this gap could reach 3.5 million unfilled jobs by 2025. Investing in education, scholarships, and incentives directed towards academic and professional security disciplines is a strategic necessity to develop competencies in the public and private sectors; so that they are able to keep pace with future cyber challenges, and provide a solid foundation for strengthening digital security operations.
• Advanced Security Technology Laboratories
Government support should be provided to R&D centres and labs as open environments for developing and testing advanced security technologies, another strategic step towards strengthening cyber defences capable of countering modern and evolving threats. Such centres and labs can be a fertile ground for innovation and the production of solutions capable of countering evolving cyber threats.
Many governments have allocated huge budgets in cooperation with the private sector to finance research and development of cyber defenses. For example, the Horizon Europe program, which aims to support the competitiveness of European countries, has allocated a large part of its budget, which is close to 100 billion euros, to research on cyber defenses and protecting them from growing digital risks. Developed and developing countries follow this well-established approach that combines scientific research and development, social and economic progress, and digital security.
• Digital awareness initiatives
The public must be educated about the basics of cybersecurity to create a vigilant society that supports digital security at the individual and institutional levels. Interactive awareness campaigns and training workshops must be launched to inform individuals and institutions on how to protect their devices and data in order to enhance their ability to confront cyber threats and even make society the first line of defense.
A report from Fortinet indicates that 50 percent of the 569 organizations surveyed in 2023 were victims of ransomware attacks—which encrypt victims’ data and demand a ransom to restore it—and 71 percent of them complied with the ransom demand, demonstrating the potential financial and operational damage that can result.
• International coalition
Recognizing the transnational nature of threats, governments must work with the international community to establish governance mechanisms and common principles for international cooperation, and to confront the growing threats in cyberspace. Just as there are international agreements governing the use of conventional and nuclear weapons, international cyber agreements can contribute to establishing rules of digital behavior and defining penalties for cyber attacks. These agreements would ensure the stability of digital security and prevent the exploitation of cyberspace in international conflicts. Joining such multilateral agreements also allows developing countries to access technical support and training to help them build defensive capabilities, which would contribute to the stability of global cybersecurity and narrow the digital gap between countries.
Today, the world faces an unprecedented intersection between accelerating technological developments and growing cybersecurity threats. This reality poses extremely complex strategic challenges for policymakers to find the gray area that allows them to benefit from economic opportunities, exploit the broad prospects of expanding the digital economy, and overcome the complex cybersecurity risks that this development creates that threaten the stability of institutions, national interests, and economic security.
Current challenges will remain a long-term battle governed by the interests of countries and companies that will often seek to achieve different goals according to the nature of interests and strategies. It is certain that the success of countries in the future depends on the existence of forward-looking and intelligent visions that believe in progress, and are keen to build a reliable digital system that ensures safe economic growth, and is supported by advanced defenses to confront cyber risks that may threaten economic gains and undermine confidence in the digital system.
About | |
---|---|
Initiatives | |
Knowledge | |
Services | |
Media Center | |
Contact |