Egypt’s digital growth comes with cyber risks: Egypt’s growing reliance on digital infrastructure and economic automation has placed it squarely in the crosshairs of increasingly sophisticated cyberattacks, cybersecurity expert and advisor to the High Advisory Board for IT and Cybersecurity Waleed Hagag told EnterpriseAM. While Egypt has made notable progress in its cybersecurity efforts — scoring full marks across all five pillars in the International Telecommunication Union’s 2024 Global Cybersecurity Index (pdf) — the rapid pace of digital transformation continues to expose critical vulnerabilities. From hacking vital infrastructure to safeguarding personal and institutional data, the risks are growing as Egypt’s digital ecosystem expands.

THE RISKS-

Egypt’s vital systems are squarely in hackers’ sights, with power grids, banking networks, transportation, and government operations facing relentless threats, Hagag told us. A breach in any of these systems could trigger massive disruptions or expose highly sensitive data. Phishing scams are also on the rise, with cybercriminals fine-tuning fraudulent emails and messages to siphon personal and financial information. Meanwhile, ransomware continues to paralyze systems and wipe out critical data, leaving both organizations and governments scrambling to recover.

The explosion of IoT devices adds another layer of risk: Poorly secured internet-connected devices are becoming gateways for hackers to infiltrate larger networks, Hagag noted. State-sponsored cyberattacks are also escalating, targeting national infrastructure and corporations with espionage-driven precision that challenges even the most advanced defenses.

AI is rewriting the rules of cyber warfare: According to a Capgemini online event attended by EnterpriseAM, cybercriminals are currently leveraging AI to supercharge their attacks, from high-fidelity deep fakes and social engineering scams to data-targeted strikes like AI worms and prompt injections. These sophisticated tools thrive on an expanding attack surface fueled by remote work, cloud adoption, and operational tech, making breaches more frequent than ever.

The scale of the threat is stark: Egypt has emerged as a key target for cybercriminals in 1H 2024, with 22 databases leaked on the dark web, including 16 corporate breaches, according to Russian cybersecurity firm Kaspersky’s Middle East cybersecurity threat assessment (pdf). Over 3.8 mn records, nearly 2 mn linked to government accounts, were exposed. During the first half of the year, dark web marketplaces featured 38 unique ads globally for initial access to corporate networks, with Egypt contributing eight posts and five unique ads targeting industries such as government, healthcare, IT, and financial services.

Ransomware attacks hit Egypt hard in 1H 2024, with six incidents primarily targeting government entities — a hallmark of financially driven hackers zeroing in on high-value victims. While revenue and industry potential often dictate their targets, geopolitical tensions have also shaped their focus. Construction firms and business service providers joined government bodies as the top sectors under siege in the region, underscoring the calculated nature of these attacks.

THE RESPONSE-

Egypt is stepping up its fight against rising cyber threats with a multi-layered approach that blends technology, education, and collaboration, according to Hagag. Public awareness campaigns and professional training programs are central to this strategy, equipping individuals and organizations with the tools to identify and counter cyberattacks. At the same time, investments in advanced technologies like artificial intelligence, blockchain, and encryption are bolstering Egypt’s ability to detect and neutralize threats before they escalate.

The Madbouly government is on the case: The new cabinet announced back in July that it would be looking to roll out new legal and regulatory frameworks to promote cybersecurity and combat cybercrimes while putting in place plans to hedge against cyberattacks.

We can deploy AI to ward off cybercriminals: AI is strengthening defenses by improving threat detection, supporting investigations with vast data analysis, and enabling automated responses to incidents, Capgemini global cybersecurity lead Marco Pereira said. As organizations prepare for the future, generative AI has emerged as a top priority for 2025, underlining its potential to stay ahead of evolving threats while reshaping how businesses defend themselves in the digital age.

LEGISLATION IS PLAYING CATCH UP-

More needs to be done on the legislative front: While Egypt’s 2020 Personal Data Protection Act laid a foundation for safeguarding personal data, updates are urgently needed to keep pace with evolving technology and impose tougher penalties on cybercriminals, according to Hagag.

International cooperation is also on the cards: With cyber threats increasingly crossing borders, stronger international cooperation is critical to effectively combat cross-border attacks and protect Egypt’s digital landscape, Hagag added.

The private sector is central to the strategy, with the government promoting investment in cybersecurity and incubators for startups. Large companies are also being urged to enhance data protection to safeguard against growing cyber risks.

More AI legislation is also on its way: The second phase of the National ArtificialIntelligenceStrategy is set to kick off soon, CIT Minister Amr Talaat said last month.

THE TALENT GAP-

A shortage of skilled cybersecurity professionals remains a significant challenge for Egypt, Hagag highlighted. Addressing this gap requires expanding higher education programs to include specialized courses in cybersecurity, networking, and computer science. In addition, Haggag emphasized the importance of training initiatives that offer globally recognized certifications, such as CISSP, CEH, and CompTIA Security+, to equip professionals with the expertise needed to strengthen the country’s cybersecurity workforce.

While there’s a need for skilled cybersecurity professionals in Egypt, new initiatives are emerging to close the gap. The Export Development Bank, in collaboration with the Central Bank of Egypt’s Egyptian Banking Institute, has launched the Information Security Academy to train IT graduates in cybersecurity, addressing a critical need for expertise in protecting the nation’s digital infrastructure. Similarly, the American University in Cairo has introduced a cybersecurity major to prepare students for the growing demand in the job market for professionals capable of countering sophisticated cyber threats.

Efforts to build talent are also expanding through innovative platforms: Edtech company EYouth rolled out the EGP 2 bn NextEra Education, offering AI-powered, globally accredited programs in cybersecurity, programming, and data science through partnerships with international universities. On the corporate front, Deloitte’s new Cairo innovation hub aims to hire 5k skilled professionals over three years, backed by a USD 30 mn investment, with a focus on AI, data analysis, and cybersecurity. These initiatives mark significant strides in cultivating the talent needed to secure Egypt’s digital future.

ON THE REGIONAL FRONT-

The average cost of a cyberattack in the Middle East has surged to USD 8.8 mn — nearly double the global average — highlighting the region’s escalating vulnerability to cyber threats, according to Positive Technologies’ Middle East cybersecurity threats report. Between 3Q 2023 and 2Q 2024, cyberattacks tripled during periods of geopolitical tension, with hacktivist groups and advanced persistent threats (APTs) targeting critical sectors such as government, manufacturing, and telecommunications.

Government institutions bore the brunt of the attacks, accounting for 24% of incidents, while 17% targeted manufacturers. High-profile breaches included a cyberattack on the UAE’s Lulu Hypermarket, which exposed over 200k customer records. Meanwhile, sophisticated ransomware groups disrupted energy and water systems, including a hack that temporarily shut down 70% of gas stations in Iran.

With the Middle East’s cybersecurity market projected to hit USD 23.4 bn by 2028, regional governments and companies are ramping up investment in AI-driven threat detection and compliance frameworks. However, as cybercriminals evolve their tactics, the report highlights the urgent need for proactive and scalable defenses to safeguard the region’s critical infrastructure and burgeoning digital economy.

Tags: