The truth about technology is that “change is the only constant,” especially in the cybersecurity space. This change could have positive or negative implications as time progresses in a world where cyber threats continue to evolve, posing a significant risk to organisations globally. Therefore, the need for robust cybersecurity strategies is more crucial than ever. Recognising this growing threat, Mohannad Alkalash took a proactive step by launching CyberX back in 2019. Before the world felt the full force of escalating cyberattacks, CyberX has stood and continues to stand as the pioneering Arabic platform dedicated to equipping both individuals and organisations with the essential knowledge required for safe navigation through the digital landscape.
Headquartered in Riyadh, Saudi Arabia, CyberX aims to be the leading hub for cyber awareness in the Arab world, with plans to expand its footprint across all Arab countries and beyond. CyberX is a platform with a firm commitment to fostering cybersecurity awareness, enriching Arabic content in this domain, and facilitating the exchange of expertise among professionals on the latest advancements in the field.
In an exclusive interview with edge/, Alkalash put the spotlight on the significance of cybersecurity awareness, particularly emphasising the human element. He noted, “Cybersecurity awareness extends beyond mere technological fixes; it involves a cultural shift within organisations.”
“As a critical component of the global information security programme and a means of changing cyber culture by increasing responsibility, awareness, and security online, cybersecurity awareness is essential for any organisation. It also enables you to accomplish a great deal of tasks that are on any organisation’s to-do list, such as cutting down on needless losses, upholding compliance marketing for the cybersecurity department, minimising human error in the digital realm, fostering engagement with the organisation as a whole, and preserving credibility and trust,” he said.
Often, security breaches are perceived as isolated incidents, where vulnerabilities are exposed, and data is leaked. The reality, however, is a labyrinth of interconnected threats in the dark corners of the web, where information becomes a commodity, and organisations face the daunting prospect of breaches affecting not only them but entire regions and countries. This is where awareness becomes key.
Cyberology: The blend of cybersecurity and psychology
As we unravelled the layers of CyberX’s genesis, it became evident that the core philosophy is what sets them apart. The mission as Alkalash said, is “To leave a lasting impact on people across the Arab world, creating a paradigm shift in cybersecurity awareness.” They achieve this by understanding what they call “Cyberology”: the blend of cybersecurity and psychology.
“The primary motivation and inspiration behind the creation of the CyberX platform stemmed from our recognition of the lack of structured, quantifiable, and enhanceable awareness initiatives in the conventional approach to awareness. We observed that traditional awareness methods relied on sporadic activities from the customers, such as sending emails, creating simple motion graphics, and often utilising pre-made content and disseminating it among the audience. This trend persisted over time, due to the absence of a structured programme from the cybersecurity awareness team to address and manage such activities.
Recognising this gap, we identified the need to develop a systematic approach and integrate cybersecurity with psychology. This realisation led us to coin the term “Cyberology” – a concept aimed at bridging the cultural and psychological aspects within the realm of cybersecurity,” said Alkalash.
Cyberology goes beyond mere technicalities, it is about melding collective attitudes, beliefs, behaviours, and practices related to cybersecurity within an organisation or community. It’s about creating a shared understanding of the importance of cybersecurity, instilling a sense of responsibility in individuals to protect digital assets, and foster the adoption of best practices to mitigate the cyber threats.
The importance of cultivating a robust cybersecurity culture within an organisation becomes evident in the digital terrain where cyber threats are not static entities but dynamic forces that demand a proactive approach. Cyberology serves as a guiding principle, fostering resilient defence against cyber-attacks through crucial elements such as awareness and education, responsibility, collaboration, risk management, continuous improvement, leadership, and support. This concept is implemented into CyberX through their AwareX awareness program.
Insights framework The heart of CyberX
With the concept of Cyberology and the AwareX programme, what comes to light is the methodology implemented. To address the void in cybersecurity awareness frameworks, CyberX introduced the INSIGHT Framework, a structured approach that aligns with its acronym (Initial, Notice, Strategise, Initiate, Gauge, Harness, and To Reinforce). Each phase in this framework plays a specific role in the intricate part of building a comprehensive cybersecurity awareness programme.
CyberX’s systematic approach to implementing the INSIGHT Framework guides a journey through the complexities of cybersecurity awareness. It starts with the foundational step of raising awareness, focusing not only on threats but also on the importance of security itself. This entails offering comprehensive training, education, workshops, and engaging content.
“To protect digital resources and educate employees and community members about current threats, best practices, and pertinent information, we began by educating people about the significance of security and offering appropriate training, workshops, content, and engagement. Our goal is to support organisations in three primary areas: Providing the organisation with an awareness index, identifying any subsidiaries or contractors, and providing an awareness index about them, and enabling the organisation to have a risk profile index for every member and employee,” said Alkalash.
What the future holds
As CyberX continues to make significant strides in Saudi Arabia, Egypt, and Jordan, the organisation’s vision extends beyond geographical boundaries. The goal is not merely expansion but the establishment of official offices in more countries, forging partnerships with cybersecurity authorities, and solidifying its presence as a ubiquitous entity in the global cybersecurity landscape.
“Our aspiration is to evolve into a global enterprise, and we’re thrilled about the impending release of our new book, “AwareX”. Embracing the concept of “Glocalisation,” we seek to blend global and local influences, fostering a “Glocal” approach. Our objective is to cultivate support rooted in each culture, leveraging resources from diverse nations to enhance knowledge and awareness in the Arab world. We are enthusiastic about extending this initiative worldwide, amplifying our impact on a global scale.”
Alkalash said that the essence lies in collaboration, working closely with authorities to spread awareness and fortify the digital ramparts. By doing so, CyberX aims not only to secure digital assets but to foster a profound change in the way societies perceive and approach cybersecurity. The focus remains steadfast to provide structured cybersecurity awareness programmes and digital knowledge to organisations and countries, creating a resilient and informed global community.
