As Egypt navigates the complexities of a digital age, the importance of cybersecurity has become increasingly evident. With rising cyber threats institutions worldwide face ransomware attacks at an average rate of one every 11 seconds. The global cost of cybercrime was estimated at USD 8.4trn in 2022, with an annual cost expected to exceed USD 20trn by 2026. 

In recent years, Egypt has managed to maintain low rates of online threats, despite vulnerabilities in web pages, emails, and web services. Thanks to the efforts of the Ministry of Communications and Information Technology (MCIT) and other government entities to enhance cybersecurity, there is significant potential for further reductions in these threats through improved legislative frameworks, public-private partnerships, and education. This article will explore the threats, challenges, and opportunities of cybersecurity to enable Egypt to become resilient and capitalize on the large revenue potential of the sector. 

 

Impacts of a Conducive Regulatory and Legislative Environment on Cybersecurity 

 

An enabling regulatory and legislative environment is crucial for strengthening cybersecurity in Egypt as it creates safety measures for users, companies, and government entities. In Europe, the General Data Protection Regulation (GDPR) has been instrumental in enforcing stringent data protection and privacy practices, driving organizations to implement robust cybersecurity measures. The European Union Agency for Cybersecurity (ENISA) provides support and guidance to member states, facilitating a unified approach to cybersecurity. Regional frameworks developed in the UAE, Saudi Arabia, Qatar, and Oman have provided use cases for implementing cybersecurity frameworks that both enable safety and encourage private sector participation for greater outreach and sectoral knowledge.  

 

In Egypt, Law No. 151 of 2020 Promulgating the Personal Data Protection Law (PDPL) has put Egypt on the map, regionally, as it began to make serious efforts toward digital transformation and cybersecurity. However, four years after its issuance, the Executive Regulations of the law have not been issued, putting these efforts to a great halt, and leading Egypt to fall behind in developing its ICT sector, in comparison to its neighboring countries. With that being said, this allows Egypt to gather lessons learned from similar regulations on the regional and global levels, to create and lead the cybersecurity sector. Similarly, in 2018 Egypt issued Law No. 175 of 2018 on Anti-Cyber and Information Technology Crimes and its Executive Regulations, which provided mandates on the basic standards that must be followed by any information technology service provider. However, as the cybersecurity sector evolves and new threats are on the rise, gap analysis on the existing systems would showcase new technologies and ensure solid compliance. 

 

Public-Private Partnerships

 

Public-private partnerships (PPPs) play a crucial role in developing a comprehensive cybersecurity strategy by integrating the strengths and resources of both sectors. For Egypt, leveraging such collaborations can enhance its cybersecurity posture and create a more resilient digital ecosystem. The Egyptian Supreme Cybersecurity Council (ESCC), part of the Egyptian Cabinet, has developed the National Cybersecurity Strategy for 2023-2027. This strategy focuses on tackling the rising cyber threats from various sources while fostering human capital and building a strong national industry. Public-private partnerships are integral to this effort, as they will enhance collaboration and innovation, ultimately contributing significantly to Egypt's GDP. This collaborative approach also enhances situational awareness, enabling quicker identification of threats and more coordinated responses. 

 

Collaborative development of cybersecurity standards and best practices is vital for ensuring consistent and effective security measures across sectors. Public-private partnerships can facilitate the creation of national cybersecurity guidelines that address specific needs and challenges faced by various industries. By working together to establish these standards, Egypt can ensure that they are practical, widely accepted, and effectively implemented, thereby strengthening overall cybersecurity resilience. 

 

Cybersecurity Education and Awareness

 

Cybersecurity education and awareness are fundamental to building a resilient digital environment. The Egyptian Computer Emergency Readiness Team (EG-CERT) has launched multiple cybersecurity awareness campaigns aimed at schools with “cybersecurity for kids” campaigns to develop a robust cybersecurity environment. Moreover, Training programs should cover a wide range of topics, including basic cybersecurity concepts, threat identification, safe online practices, and incident response. These programs can be tailored to different audiences, such as executives, IT professionals, and general employees, to address their specific needs and responsibilities.

 

Public-private partnerships can support the development and dissemination of educational resources, such as online safety campaigns, workshops, and training programs. These initiatives help individuals and businesses understand the importance of cybersecurity, recognize potential threats, and adopt safe online behaviors. 

 

Conclusion

 

As Egypt advances in the digital realm, the government can navigate the intricate balance between enhancing cybersecurity and protecting privacy. By refining legislative frameworks, fostering public-private partnerships, and investing in education and awareness campaigns, Egypt can secure its digital frontier. The challenge is significant, but with a collaborative and holistic approach, Egypt can emerge as a leader in cybersecurity while upholding the values of privacy and security.

In today’s hyper-connected world, where technology is constantly evolving, cybersecurity is no longer the exclusive concern of IT professionals and cybersecurity experts. The rapid rise of digital technologies has blurred the line between the traditionally so-called “tech-savvy” professionals and the average user. This is simply because now, more than ever, everyone who uses a device connected to the internet is a potential target for cyber threats. As a result, understanding the fundamentals of cybersecurity is becoming a shared responsibility that everyone should embrace.

 

The Expanding Digital Landscape

The digital landscape has rapidly expanded, bringing conveniences like instant communication, online shopping, and remote work. However, this increased connectivity has also introduced significant risks, with cybercriminals targeting not only large corporations but also everyday internet users through tactics such as phishing and ransomware. A common misconception is that cybersecurity is too complex for the average person and is only for experts with years of education and practical experience. In reality, while advanced cybersecurity may require specialized technical knowledge, the fundamentals are accessible to everyone. As digital services and personal data collection become more widespread, cybersecurity has evolved into a shared responsibility, requiring everyone to take simple precautions to stay safe online, whether on a personal or professional level.

Phishing remains the most common type of cyberattack. According to a report by security company Egress, 94% of organizations fell victim to phishing attacks in 2023. Additionally, Trend Vision One – Email and Collaboration Security identified more than 45 million high-risk email threats in 2023, beyond those detected by built-in Microsoft 365 and Google Workspace security. And With flexible and remote workforces continue to cause gaps in cloud security to be exploited, cybercriminals are leveraging blind spots in email services’ built-in security.

 

Cybersecurity Myths: It’s Not Just for Experts

A common misunderstanding in cybersecurity is the belief that it is too intricate and only relevant for specialists with extensive training. This mindset often leads people to underestimate the significance of safeguarding their personal and/or professional devices, and online activities, assuming they aren't at risk or that they lack the expertise to take meaningful action. The truth is that while the field of cybersecurity does include highly advanced systems and technical strategies, the foundational steps—such as creating strong passwords, enabling two-factor authentication, and recognizing phishing attempts—are straightforward and can be easily implemented by anyone. These simple yet effective measures play a crucial role in minimizing the risk of cyber threats, empowering everyday users to take control of their own digital security. By demystifying cybersecurity, we can shift the responsibility from a niche group of experts to a shared effort where every individual plays a part in protecting the digital ecosystem.

Fundamental Cybersecurity Knowledge Everyone Should Know

So, what are the basic cybersecurity skills that everyone needs? Fortunately, they are simple yet highly effective:

• Password Hygiene: Using strong, unique passwords is one of the most basic ways to protect yourself online. Implementing two-factor authentication (2FA) adds an additional layer of security. A good rule of thumb is to use a password manager to create and store complex passwords.
• Recognizing Phishing Scams: Phishing emails often pose as legitimate communications but aim to steal your information. Learning to spot suspicious links, poor grammar, and unfamiliar email addresses can prevent falling victim to these scams.
• Safe Browsing Habits: Never enter personal information on unfamiliar websites or unsecured networks. Always check for HTTPS in a website’s URL, especially when making financial transactions.
• Updating Software Regularly: Keeping your operating system and software updated ensures that you’re protected against known vulnerabilities. Many cyberattacks take advantage of outdated systems, so enabling automatic updates is a simple way to stay protected.

These skills aren’t just for protecting your personal data; they’re also vital in the workplace, especially with the recent shift to remote work that has become increasingly common. Many jobs require handling sensitive information, and employees are often the weakest link when it comes to cybersecurity breaches. Basic cybersecurity training is becoming a necessity in all sectors, not just IT.

Increasing Awareness on Cybersecurity

There are several ways to address the need for basic public awareness on cybersecurity and sharing this knowledge. One effective way is integrating cyber security educational content into the curricula, and not only on the university level but also to tailor simple educational content for children at primary levels of education. This ensures that cybersecurity knowledge becomes a core component of digital literacy for future generations. Additionally, public-private partnerships can play a crucial role in fostering cybersecurity awareness where private sector companies can collaborate with the government on producing public cyber-security awareness campaigns. Several EU countries are already adopting this educational approach such as France, Germany, Greece, Poland, Romania, Spain, and Ukraine.  And in the MENA region, particularly in the UAE, there is a push for educational reforms that include practical cybersecurity education. Another area for public-private cooperation could be through supporting MSMEs (micro, small and medium enterprises) by providing them training and capacity building programs on cybersecurity, and funding for acquiring the cyber security solutions they need.

The responsibility for keeping cyberspace secure rests with everyone, not just the experts. By fostering a culture of cybersecurity awareness, we can all contribute to a safer and more secure digital world, which would inevitably contribute to a thriving digital economy.

Ambassador Omer Onhon
Former Turkish diplomat
Former Assistant Minister of Foreign Affairs for Middle East.

 

I have been to Egypt so many times during my career as a diplomat in the Turkish Ministry of Foreign Affairs and on each visit, I appreciate the many beauties and dynamism of this country.

I also see many reminders of our common history in Cairo. In fact, the same is valid in Istanbul with beautiful buildings such as Khedive Kasrı, Sait Halim Paşa Yalısıand the Egyptian Consulate building which was built in 1902 as a summer house for Khedive Abbas Hilmi Pasha.

Diplomatic ties between Türkiye and Egypt were established in 1925.

Throughout these years, at times, there have been fluctuations in relations. In this regard, the last decade in relations has been marked by political strains between the two countries but now, we are witnessing a process of return to normal.

I would like to emphasize at this point that relations between Türkiye and Egypt are based on solid foundations built by common history and deep social and cultural ties.

On 20 November 2022, Presidents Recep Tayyip Erdoğan and Abdel-Fattah Al-Sisi met in Doha, on the occasion of the opening ceremony of the FIFA World Cup.

Following the devastating earthquake of 6 February in Türkiye, Egypt was one of the countries which came with support. President Al-Sisi telephoned to extend condolences to his Turkish counterpart. Egyptian planes and ships carried relief assistance to Türkiye.

On 27 February, Minister of Foreign Affairs of Egypt, Sameh Shoukry, was at the port of Mersin on Türkiye’sMediterranean coast, with his Turkish counterpart, to meet the Egyptian ship carrying aid and then they made a helicopter tour over the earthquake hit areas.

The most recent development was the visit of MevlutÇavuşoğlu, Minister of Foreign Affairs of Türkiye when he came to Cairo 0n 18 March, on the invitation of his Egyptian counterpart. They met with their delegations and held a joint press conference afterwards. They made very promising statements as regards the relation between their two countries. They pointed out that the new era would affect not only bilateral relations but the Eastern Mediterranean and the whole region.

During the last decade when relations were not on a normal track, economic relations continued unhindered and even improved.

Trade volume between the two countries increased every year.

2014: $4.9bn

2018: $5.4bn

2021: $8.2bn

2022: $9bn

Main exports from Türkiye to Egypt are; motor vehicles, iron and steel products, machinery and electrical machinery, petroleum derivative fuels and plastics and products.

Main exports from Egypt to Türkiye are; plastics and various products of plastics (plastic raw materials, polypropylene, polyethylene and PVC), nitrogen and nitrogen fertilizers, industrial oils produced from petroleum and parts of electrical machinery and equipment.

Most of the major instruments and mechanisms in bilateral economic relations are already in place.

The Free Trade Agreement was signed in 2005 and came into effect in 2007.

Turkish-Egyptian Joint Committee, High Level Trade Consultation Mechanism, Business Forum and Business Council are long established as mechanisms to lead economic relations. As these mechanisms function more effectively, economic relations will further flourish.

Natural gas has opened up a potential new area of cooperation. Türkiye has already become one of the major importers of LNG from Egypt and there are ample opportunities for cooperation in this field.

There are around 200 Turkish companies in Egypt with an investment volume of about EGP 2bn. These companies provide employment (direct and indirect) for about 90 thousand Egyptians.

Egyptian Prime Minister Mostafa Madbouly met on 26 February, with representatives of Turkish companies in Egypt. The Prime Minister stated that this meeting is a step towards stressing the importance of trade and economic relations between Egypt and Turkey.

There are many similarities between Türkiye and Egypt:

-The two countries are two pillars at the southern and northern end of the Eastern Mediterranean.

-Their geographic locations are strategic and central in their importance.

-They are located on transit routes and have favorable global market access.

-With a population of 85 million people for Türkiye and 107 million for Egypt, they are very attractive domestic markets.

-In both countries, a young and dynamic population makes up a strong and competitive labor pool.

-Both are tourism and culture destinations with incredible history, cultural heritage, sun and sea.

The two countries may look as if they are competitors but in fact they complement each other. Cooperation between them would multiply their advantages and gains.

Good political relations between Türkiye and Egypt will have implications well beyond their own borders. Many regional issues will be easier to address. Security and stability in the region will get stronger. Cooperation in third countries will pave the way for new horizons.

The opportunities ahead are really very promising.

I would like to conclude on the note that I am grateful to my friend Moustafa Moharram, a leading public policy expert, for suggesting to me to write this article.

https://www.dailynewsegypt.com/2023/03/22/opinion-turkiye-and-egypt-for-better-times-with-many-opportunities/

 

This November, I had a delicious and duly missed English breakfast in honor of H.E Ambassador Gareth Bayley, the British Ambassador to Egypt - courtesy of the British Egyptian Business Association’s unequivocal hospitality.

Like all Scotsmen I’ve ever met, Ambassador Bayley would not let you enjoy your meal without bombarding you with humorous stories. But one story was, to me, a bit of a dark humor - here it is:

Planning a visit to the Middle East with one of his colleagues, the latter emphasised a series of business opportunities in the UAE, encouraging him to talk to investors here and there, and so on. Then when the conversation came to Egypt, his colleague stressed on the necessity of visiting the pyramids and a few museums - and stopped there – (the end).

I dropped my dearly held sausage-stuffed fork and had no thought in mind but “you bloody orientalists! If only Edward Said was here…”

But upon reflection, it seems counterintuitive that the same person who’d see Egypt (historically the first nation to modernise in the region) in an orientalist light, would not see the UAE in a similar light. It seems, rather, that it is the story told about each nation that matters - and the story of Egypt seems to be yet trapped in history.

Investors, diplomats, and policymakers are not sophisticated academics with the luxury of knowledge, time, and headspace to think critically about the stories they are told. They are busy people who don't have the time to actually learn about things - for they would rather use their time and headspace to create possibilities out of what they already know.

Our job as policy advisors is to simplify knowledge for overwhelmed policymakers; and hence part of what we ought to do as Egyptian policy advisors is to postulate an easily digestible story of Egypt, simplifying its complexities, whereby its heroes are not Sphinx and Cleopatra, but Sayyed and Zeinab.

This story must be scripted now, before it is too late; and it should be told by us, policy advisers with a profound interest in encouraging a diverse and long-term foreign investment portfolio, and not by distant media anchors or business and political leaders overwhelmed by the slew of opportunities to exhaust here and now. When asked about what my job at Moharram and Partners is, from now on my answer will be “rewriting the story of Egypt to both businesses and policymakers.”

An everything guide on writing a brief that is equal parts compelling and concise

 

More than ever, analysts today are asked to write briefs. The reasons for that are multiple: there’s too much accessible information out there for policymakers to read, policymakers are becoming busier as working hours escalate unprecedentedly, and efficient reviewing of knowledge material is accordingly becoming both essential and trendy. 

Unlike our community of analysts, investors, businessmen, politicians, diplomats, and all sorts of people we put under the super-modern label “policymakers” lack the luxury of knowledge, time and headspace that allow them to critically evaluate the stories they are told or deeply dig into its core meanings and implications. We are, therefore, asked to do that for them – and that is, precisely what a policy brief is about: digging into the subject, unleashing its core value and implications, and deciding what it could be used for and how it could be best utilized. The analogy to mining is intended: we are strictly and precisely mining to extract value from the piles of sand, dirt and noise that surround it. 

 

Briefing Process

Extracting value is the endpoint, but what is the process? Here, the mining analogy is even more pertinent. As in gold production, the process is four-fold, and each step paves the way for the next:

1. Prospecting: We screen all available sources to determine which areas and fields are worth drilling into, and which are irrelevant.
2. Drilling: Once we know where the gold lies, we drill as deep as is necessary to reach it. Note that both over-drilling and under-drilling would not help us find the substance we are after. Similarly, a brief should neither be too shallow to provide value nor too sophisticated that it takes up more time and space than the value it provides – aim to strike just the right balance. 
3. Extracting: Now that you’ve drilled down to the layer where the substance lies, not more and not less, you’ll find the information you need – extract it and run away before its market price goes down. Beware that the information stock market is becoming super time elastic. In an information age marked with cloud sharing, once someone else delivers the information to the cloud, the once invaluable knowledge becomes as cheap and easy as one google-search away. So, once you have the validated resources, take it and create with it.
4. Creating the Jewelry: Creating is key. A raw diamond ore is significantly more expensive than a diamond ring; yet we use the latter to propose to our beloved ones for a reason. That is because it is more usable – your beloved one would not be able to wear a diamond ore around, but she’d wear the diamond ring and it will help her fingers shine. She’d also use it to show others she’s engaged to you and to start conversations about your love story. That is what we’re after in a policy brief as well: putting the information together in a way that is usable to the policymaker, that would help her shine, that would show communicable value to others, and that could serve as a starting point for fruitful policy conversations.

 

So, what is a policy brief?

A policy brief is a concise summary of complex, inter-related issues presented in an order that renders them both understandable and actionable, thereby allowing policymakers to know the subject and act upon it.

 

A policy brief should have the following:

1. A sticky title. Think of the policy brief as an advocacy tool – an advertisement to the solutions you recommend. In advocacy, you want to grab attention. You also want to use the title as a conversation starter, quenching your reader’s thirst about what you have to say.
2. Executive Summary: Now that you’ve grabbed the attention of your reader, tell her in a few sentences or bullet points “what is up”; i.e. why are you writing this brief and why they should read it, what problems does it address and what solutions does it recommend. These aspects should be outlined in the summary, then detailed and evidenced in the body of the brief.
3. Problem/Rationale: This section should provide details on why the question or problem addressed in the brief is worthy of attention, and contextualizing it vis-à-vis other policy issues and surroundings.
4. Background: Seems self-explanatory, but beware of providing too much background. As mentioned earlier, you need to dig to the exact level where the knowledge value is created – not less but also not more.
5. Policy Options: What strategies are put to address the problem? This section should include both practiced and unpracticed policy options, including international standards. Make sure to evaluate every policy option, providing its strengths, weaknesses, opportunities, and threats.
6. Policy Recommendations: What do you suggest we do? This could be selecting one of the policy options provided or coining a new one. In both cases, it must be evidence-based and could be argued for on proven results, previous experiences, and crude evidence.
7. Relevant Illustrations: Provide graphs, stat tables, footage, and images, etc – the more visual, the better.
8. List of References: Cite all references that you’ve used and those that could provide more in-depth details into the issues covered in the brief.
9. Contact Details: What if the policymaker has been convinced with what you propose and I want to discuss it further? This means that your brief has succeeded – your advocacy campaign is halfway through on the way of influencing policy decisions. But for the next step to take place, the policymaker must be able to contact you. So please, do not forget to put your contact details.

 

A policy brief should do the following:

1. Provide enough background for the reader to understand the problem
2. Convince the reader that the problem must be urgently addressed
3. Provide evidence to support specific alternatives/resolutions
4. Stimulate the reader to make a well-calculated, evidence-based decision

 

A policy brief should be the following:

1. Concise. It should focus on a particular problem or issue. Do not go into all the details. Instead, provide enough information for the reader to understand the issue and come to a decision.
2. Based on firm evidence. It should draw evidence from various sources – preferably from different areas, scholars or organisations. It should not be opinionated or too argumentative.
3. Relate to the big picture. The policy brief may build on context-specific findings, but it should draw conclusions that are more generally applicable. 
4. Relevant and timely. It should be written to a specified target audience, addressing an issue they are currently having and answering a pertinent question.
5. Professional, not academic. You are not writing to scholars invested in your area of expertise, but to policymakers looking for practical solutions. Give them the problem, the solution, and the evidence that the solution would work - all in simple, straightforward, jargon-free language.
6. Actionable. Policy briefs are not meant to be read for general knowledge; they are rather written and read with a policy outcome in mind. Hence, it should be practical, feasible, and in touch with the real world. 

 

Final note:

Finally, write with passion. You are the expert in the policy field, and you provide a major push to the policy dynamics by briefing policymakers on the course of action you advocate. So act as such, it will show on your work.