Mohamad Al Osaimi, Chief Security Officer at Huawei Saudi Arabia, speaks to Teletimes International about aligning cybersecurity strategies with Vision 2030, protecting national infrastructure, and building Saudi Arabia’s digital sovereignty through local talent development and secure innovation
Teletimes: As CSO of Huawei Saudi, how do you tailor your security strategy to support the Kingdom’s Vision 2030 objectives?
Mohamad Al Osaimi: Vision 2030 is transforming Saudi Arabia, and security is fundamental to making it succeed. Huawei has carefully aligned its strategy to ensure that as the Kingdom advances digitally, it builds on secure foundations that support its ambitious goals.
We maintain continuous dialogue with Saudi government agencies and businesses to understand their specific security requirements. What works in other markets doesn’t necessarily translate here – the Kingdom has unique priorities that demand customized approaches rather than generic solutions.
“Vision 2030 emphasizes building a knowledge economy, so Huawei has established partnerships with Saudi educational institutions to nurture the next generation of cybersecurity professionals, creating sustainable capabilities that will serve the Kingdom for decades”
Developing local expertise has become central to our mission. Vision 2030 emphasizes building a knowledge economy, so Huawei has established partnerships with Saudi educational institutions to nurture the next generation of cybersecurity professionals, creating sustainable capabilities that will serve the Kingdom for decades.
TT: What are the key cybersecurity risks facing critical infrastructure in Saudi Arabia today?
MO: Critical infrastructure in Saudi Arabia faces sophisticated and targeted threats. The energy sector, vital to the Kingdom’s economy and global markets, attracts particularly advanced threat actors with substantial resources behind them.
We’re witnessing an increase in state-sponsored attacks targeting strategic sectors. These aren’t opportunistic criminals but well-funded operations with specific objectives. Defending against such adversaries requires security capabilities that match their sophistication and persistence.
The rapid deployment of IoT devices and industrial control systems has significantly expanded potential attack vectors. Many operational technology systems were designed for efficiency rather than security, creating vulnerabilities that require careful remediation to avoid disrupting essential functions.
Ransomware has evolved from a nuisance to an existential threat. Global losses are expected to reach $57 billion this year, with attacks becoming more targeted against infrastructure that cannot tolerate downtime. The global shortage of security talent further complicates these challenges – there simply aren’t enough trained professionals to address the growing complexity of hybrid environments and maintain comprehensive visibility across interconnected systems.
TT: What is your approach to ensuring compliance with Saudi Arabia’s National Cybersecurity Authority (NCA) regulations?
MO: Compliance with NCA regulations is integral to our operations, not a separate checklist activity. We maintain ongoing communication with the Authority to anticipate evolving requirements rather than just responding to new mandates after they’re issued.
Huawei has implemented a structured framework that maps our security controls directly to NCA requirements, ensuring all solutions meet or exceed these standards. Regular internal assessments and independent third-party verification objectively evaluate our compliance posture and identify opportunities for enhancement.
Our Cloud Service Cybersecurity & Compliance Standard framework (3CS), which incorporates more than 16 global security standards, provides a consistent foundation for compliance across all deployments within the Kingdom. This approach helps our customers demonstrate their own regulatory compliance more efficiently.
Transparency builds trust with both customers and regulators. We maintain comprehensive documentation that demonstrates our commitment to meeting Saudi Arabia’s requirements. This open approach has fostered productive relationships with regulatory authorities based on mutual respect and shared security objectives rather than minimum compliance.
TT: How does Huawei handle customer data protection and sovereignty in the Saudi market?
MO: Data sovereignty is a non-negotiable priority in Saudi Arabia, and Huawei has structured our entire approach around respecting this principle. We implement strict data localization practices, ensuring that sensitive information remains within the Kingdom’s borders and fully aligns with Saudi requirements and national security interests.
Our Data Security Center (DSC) provides comprehensive tools for classification, risk identification, watermarking, and data masking. This visibility across the entire data lifecycle gives organizations confidence in their information governance, even as they leverage advanced cloud capabilities. The fundamental principle guiding our approach is straightforward: customers maintain complete ownership and control of their data at all times. We serve as technology providers, not data owners, claiming any rights to customer information. This clear boundary reflects our commitment to respecting privacy and sovereignty principles.
Beyond technical controls, we invest heavily in training our teams on Saudi data protection requirements and cultural expectations. This ensures our practices align with both regulatory mandates and the Kingdom’s values around data sovereignty, creating a foundation of trust with customers across government and private sectors.
TT: What training or workforce development initiatives is Huawei involved in to build local cyber talent?
MO: The global cybersecurity talent shortage presents particular challenges in rapidly developing markets like Saudi Arabia. Huawei has made workforce development a strategic priority, working across multiple fronts to build local capabilities that support digital sovereignty.
Our collaborations with Saudi universities have yielded significant results. Rather than simply providing equipment, Huawei helped develop specialized curricula that give students hands-on experience with the tools and techniques they’ll need in professional environments. The feedback from academic partners has confirmed the value of this practical approach.
The Huawei ICT Academy program has expanded across the Kingdom, creating partnerships with educational institutions to deliver training and certification pathways that develop marketable skills. Our certification process maintains rigorous standards to ensure graduates are truly prepared for security roles.
At LEAP this year, Huawei, in conjunction with the Saudi Ministry of Communication and Information Technology (MCIT) announced the launch of the Huawei Skilling Development Centre, a new initiative to strengthen the Kingdom’s digital talent landscape. With a goal to upskill and reskill 25,000 local talents by 2030, the Centre will implement a comprehensive yearly training calendar focused on key technologies, including artificial intelligence, cloud computing, cybersecurity, and emerging digital platforms.
We complement these academic initiatives with real-world opportunities. Our internship programs give Saudi nationals direct experience in our security operations centers, working alongside experienced professionals. The technical workshops and seminars we regularly conduct help practicing security professionals stay current with evolving threats and countermeasures, strengthening the overall security ecosystem within the Kingdom.
TT: What strategic initiatives is Huawei Saudi taking in 2025 to lead in secure digital transformation?
MO: For 2025, we’re focusing on several strategic initiatives that align with Saudi Arabia’s digital ambitions. We’re expanding our AI-native security portfolio with solutions specifically tailored to the Saudi context. Global technologies often require adaptation to local requirements, threat landscapes, and regulatory frameworks – an area where our local expertise provides significant value.
“We’re expanding our AI-native security portfolio with solutions specifically tailored to the Saudi context”
For example, Huawei’s partnership with Jeraisy Group demonstrates AI collaboration at scale. By combining their deep understanding of local needs with our global technology capabilities, we deliver technologically advanced and culturally appropriate solutions. This collaboration model has proven especially effective in sensitive sectors like government and healthcare.
Ransomware protection has emerged as a critical priority for Saudi organizations. Our multilayered defense systems now achieve 99.99% detection rates while preventing lateral movement within networks – essential capabilities when protecting national infrastructure. Similarly, Huawei’s unified security operations through SecMaster help organizations manage growing complexity while addressing the talent shortage.
What unifies these initiatives is our commitment to Saudi Arabia’s digital sovereignty. As the Kingdom develops its innovation economy, trusted technology partnerships that respect local priorities become increasingly vital. Huawei is proud to support the nation’s digital future while developing the local talent and capabilities to sustain these advances for generations.
