Kingdom of Saudi Arabia Β· NCA-led delegation
No photo yet β not yet visited
Saudi Arabia has emerged as one of the most serious cybersecurity investors in the world, driven by two things in parallel: the genuine threat environment (Shamoon crippled 30,000 Aramco workstations in 2012; the threat never stopped) and Vision 2030's ambition to digitize a petro-state economy in under a decade. The National Cybersecurity Authority (NCA) was stood up in 2017 and has moved fast β issuing sector-specific frameworks, standing up a national SOC, and beginning to push domestic capability development over pure import.
At RSA, the Saudi pavilion typically presents a government-anchored story with a mix of national agencies, state-linked enterprises (Aramco, STC), and an emerging startup cohort. The pitch is increasingly mature: this is not a country just buying Western tools β it's one actively building domestic capability, partly for sovereignty reasons, partly because the threat environment demands it.
Saudi Arabia's apex cybersecurity body β sets national strategy, issues regulations (ECC, CSCC frameworks), and coordinates the Kingdom's cyber posture across critical sectors. Stood up in 2017 under Vision 2030. Usually the pavilion's anchor and the face of Saudi cyber diplomacy internationally.
The cybersecurity arm of Saudi Telecom Company β the Gulf region's largest MSSP. Covers threat intelligence, SOC-as-a-service, cloud security, and OT/ICS security for the Kingdom's energy and industrial sectors. Has real production deployments across Aramco's vendor ecosystem and Saudi banking.
Aramco's internal cybersecurity capability β forged in the aftermath of the 2012 Shamoon attack that wiped 30,000 workstations. One of the most battle-tested OT/ICS security programs in the world. May appear at the pavilion directly or via a commercial spin-out. If present, prioritize: they have production context that no Western vendor can replicate.
Governs data policy, AI strategy, and digital ID infrastructure for the Kingdom. At RSA their angle is the intersection of AI governance and cyber risk β data sovereignty, AI-enabled threat detection, and securing the Vision 2030 digital transformation at scale. Relevant if you work in AI security policy or cloud data regulation.
A growing cohort of Saudi-founded or Saudi-backed cybersecurity startups β often supported by NCA's accelerator programs or Aramco's entrepreneurship funds. Focus areas trend toward OT security, Gulf threat intelligence, and identity/access management for the Vision 2030 digital infrastructure buildout. These are the ones to spend time on: smaller, earlier, but building for a threat environment that most Western startups haven't faced.
Fill in after visit.
Fill in after visit.