-
Business risk services
The relationship between a company and its auditor has changed. Organisations must understand and manage risk and seek an appropriate balance between risk and opportunities.
-
Marketing and Client Service
We offer strategy, client service, digital and insight solutions to businesses that are shaping the future across the Middle East.
-
Forensic services
At Grant Thornton, we have a wealth of knowledge in forensic services and can support you with issues such as dispute resolution, fraud and insurance claims.
-
Transaction Advisory
Globalisation and company growth ambitions are driving an increase in transactions activity worldwide. We work with entrepreneurial businesses in the mid-market to help them assess the true commercial potential of their planned acquisition and understand how the purchase might serve their longer-term strategic goals.
-
Growth services
We have designed and developed growth services to support your business at each phase of its growth. So whether you are an SME that has just set up or a large business wishing to expand, at Grant Thornton we will help you unlock your potential for growth.
-
IFRS
At Grant Thornton, our IFRS advisers can help you navigate the complexity of financial reporting.
-
Audit quality monitoring
Having a robust process of quality control is one of the most effective ways to guarantee we deliver high-quality services to our clients.
-
Global audit technology
We apply our global audit methodology through an integrated set of software tools known as the Voyager suite.
In order for Saudi Arabia to achieve its ambitious goals, a strong and secure digital infrastructure is essential. Cyber-attacks can have a devastating impact on businesses and economies, so it’s important for companies to invest in robust cyber security measures.
Key Facts & Figures
Globally, the cyber security industry is anticipated to reach almost $366.10 billion by 2028, and trends within Saudi Arabia are expected to follow this pattern. The Saudi Arabia Cyber Security Market is projected to grow at a CAGR of 12.4% between 2020 and 2026, with the market size reaching SAR21 billion ($5.6 billion) by the end of 2023.
Between 2016 and 2018, the nation came in sixth place globally as most affected by cyber-attacks. In 2019, Saudi Arabia and the UAE had the second-highest average cost per data breach at SAR22.4 million ($5.97 million), according to a report issued by IBM. In the same year, these two Gulf nations also experienced the highest average number of breached records — 38,800 per incident compared to a global average of 25,500 records per incident.
Meanwhile, ransomware attacks also continue to pose a serious threat to Saudi organisations. 88% of organisations in Saudi Arabia have reported some form of an attempted ransomware attack, which is a relatively high figure in comparison to the global average. It is currently estimated that businesses in Saudi Arabia lose around $6.53 million per cyber-attack of this kind.
Considering the rapid technological advancements seen within Saudi Arabia over the past ten years, these figures are not surprising. Without the right cyber security infrastructure in place, businesses will be vulnerable to costly data breaches and attacks.
Vision 2030 & The National Digital Transformation
The increasing use of technology in Saudi Arabia is driving the continued demand for cyber security solutions. As the economy moves towards digital transformation, more businesses are adopting eCommerce and other online platforms. The number of components that are accessible remotely is also growing across industries, providing additional points of vulnerability.
These factors are all contributing to the increased rate of cyber-attacks, which means enforcing effective cyber security measures is the only way forward for Saudi businesses.
“Cyber security risks have increased dramatically due to businesses being unprepared and rapidly shifting to adopt the new norm. With single access, malware or viruses can go through the VPN and compromise the entire company’s network. We urge businesses to consider adopting effective strategies to mitigate such risks.”
Ahmad Al Zoubi, Director, Advisory
Aldar Audit Bureau - Grant Thornton, Saudi Arabia
The government has identified cyber security as a strategic priority, and businesses are investing in new solutions to protect themselves from attacks. The National Cybersecurity Authority (NCA) was established in 2017 as part of Saudi Arabia’s National Cyber Security Strategy. Since its foundation, the NCA has set out to establish the minimum standards of cyber security for national and government agencies at risk of cyberattack within the Kingdom. They have provided extensive policies and frameworks to assist these organisations to protect their data and networks.
The National Digital Transformation Programme has also seen increased funding funnelled towards cyber security solutions. The programme, which is aimed at modernising the Saudi economy, led to cybersecurity investments reaching $425 million in 2020.
Looking Ahead
As Saudi Arabia moves towards Vision 2030, the need for cyber security solutions is only going to increase. Businesses must invest in robust security measures to protect themselves from costly data breaches and attacks. According to a report by the IDC, 45% of Saudi organisations have already implemented advanced security measures and 48% are in the process of doing so.
The National Cybersecurity Authority has set out minimum standards for cyber security, and businesses are advised to adopt these measures to ensure the safety of their data. Cybersecurity will continue to be a strategic priority for Saudi Arabia, and businesses should make it a priority to avoid costly breaches financially and reputationally.
Our team of local experts can support businesses to manage their forensic and cyber-exposure through our proven methodology, which includes:
Prepare
We help you understand your current exposure to cyber security risk and support you to develop an effective security capability. Our services include cyber security risk and threat assessments; security policy development; security -process or technical assessments; and third-party cyber security assurance.
Protect
We develop and implement the technical framework and broader processes required to protect. We can help you with security architecture; security technology implementations; security process design and implementation; identity and access management; privacy and data protection; data classification; enterprise application integrity; business continuity and disaster recovery; and penetration testing
React
We work with you to support and monitor your cyber security operations and help you to respond rapidly and forensically in the event of a security or data breach
Change
We can help you improve and better manage your cyber security capability. Our services include security programme strategy and planning, security governance, and security awareness.