The General Department of Cybersecurity

Today’s world, in all its methods, patterns, and details, has become closely connected to ever-evolving global networks, as well as information technology systems and operational technology systems. It has effectively become a small global village in which everyone interacts, communicates, and shares information and ideas. Most essential aspects of daily life are now linked to the smooth flow of information, its security, and the integrity of the systems that manage it.

With this progress, the world is preparing to enter the Fourth Industrial Revolution, which is based on technologies characterized by rapid growth in computing power, massive capabilities for data storage and exchange, and readiness to deal with the outputs of artificial intelligence, robotics, and autonomous systems. This requires smart adaptation, the development of specialized capabilities, and alignment with cybersecurity requirements.

Based on the Islamic University’s awareness, in cooperation with the National Cybersecurity Authority, of these changes and its engagement with contemporary developments, and in translation of the leadership’s approach in our country to be a successful and globally leading model across all fields, and in line with Saudi Vision 2030, which has made digital transformation and the development of digital infrastructure among its key objectives, and in recognition of the importance of data, technical systems, and sensitive infrastructure and their connection to administrative interests, as well as the importance of protecting them from threats and risks in cyberspace, the General Administration of Cybersecurity was established and affiliated directly with the President of the University, may Allah protect him. This administration serves as the competent authority for cybersecurity at the University and the national reference in its affairs, and aims to enhance cybersecurity in order to protect the University’s vital interests, security, sensitive infrastructure, priority sectors, services, and administrative activities. This does not exempt any entity from its responsibility for its own cybersecurity, provided that this does not conflict with the authorities and responsibilities assigned to the administration under its regulations.

The regulations of the Cybersecurity Administration define cybersecurity as the protection of networks, information technology systems, operational technology systems, and their components, including hardware and software, the services they provide, and the data they contain, from any unauthorized or unlawful breach, disruption, modification, access, use, or exploitation. This concept also includes information security, electronic security, digital security, and similar fields.