New Saudi Report Puts Power-Sector Cyber Resilience in Focus
A report by Saudi Arabia’s National Cybersecurity Authority examines the growing cyber risks facing electricity systems and points to operational complexity, skills shortages, and the need for stronger resilience across critical infrastructure
Saudi Arabia’s National Cybersecurity Authority has published a report titled Cybersecurity in the Electricity Sector, putting fresh attention on one of the most sensitive areas of critical infrastructure protection. According to the indexed summary of the report, it draws on leading research, literature and interviews with subject matter experts from academia, the electricity sector and cybersecurity to assess how the sector can improve its cyber posture.
Report positions electricity cybersecurity not simply as an IT issue, but as a strategic resilience priority.
The report appears to focus on the structural challenges that make cybersecurity in electricity more difficult than in many other industries. Its summary says the study examines key obstacles to stronger protection, including contrasting security requirements and a shortage of cyber skills. That matters because electricity operators must secure digital environments without compromising safety, continuity and the real-time performance of operational systems.
For the wider Middle East, the report adds to a growing conversation around protecting energy infrastructure as utilities become more connected, automated and data-driven. The issue is gaining urgency globally: Eurelectric said in February 2025 that cyberattacks in the power sector doubled between 2020 and 2022, underscoring why cyber resilience is now central to energy security.
The Saudi report also fits into a broader national push to formalize cyber governance. The NCA’s Essential Cybersecurity Controls were updated in 2024, with the authority stating that the framework will be reviewed and updated in line with changing cybersecurity requirements and industry developments.
Taken together, the report positions electricity cybersecurity not simply as an IT issue, but as a strategic resilience priority. For utilities, grid operators and industrial players across the Gulf, the message is clear: stronger governance, better sector-specific expertise and closer alignment between cyber protection and operational continuity will be essential as power systems continue to digitize.
For the complete report visit: https://nca.gov.sa/ar/cres_en.pdf
