Qatar hosted the third meeting of the Cybersecurity Executive Committee for the Gulf Cooperation Council (GCC) countries on Monday.
The event saw the participation of ministry representatives and deputies from cybersecurity agencies and centres within the GCC states.
According to the Qatar News Agency, the meeting covered various topics on the agenda, including the discussion of the Gulf cybersecurity strategy and the inaugural GCC Cybersecurity Hackathon.
Additionally, plans for the upcoming GCC Cybersecurity Exercises, scheduled to be held in Doha this November, were reviewed.
The meeting also previewed the agenda for the next GCC Cybersecurity Ministerial Committee meeting, set to take place in Doha this October.
In his opening remarks, Abdullah bin Jassim Al-Sayed, Advisor to the President of the National Cybersecurity Agency, emphasized the importance of enhancing international cooperation.
He commended the technical committees under the executive committee for their efforts in drafting the Gulf cybersecurity strategy.
Al-Sayed highlighted the need to intensify efforts in the coming periods to achieve the region’s common goals within the strategy’s framework.
He urged for the encouragement of scientific research and innovation in cybersecurity by supporting and developing talent.
Cyber incidents commonly attributed to the “human factor” are usually linked to accidental mistakes made by employees. However, another important element often overlooked is the deliberate malicious behaviour of employees.
A study conducted by the Russian research center Kaspersky found that over the past two years, 78% of companies in the Middle East and Africa faced various forms of cyber incidents, with 23% of these incidents in the region resulting from deliberate malicious acts by employees.
Generally, internal cyber threats are divided into two main types: unintentional and deliberate. Unintentional threats or accidental errors are mistakes made by employees unintentionally, such as falling victim to phishing and other social engineering tricks, or sending sensitive and confidential information to the wrong person, etc.