Scattered Clouds
clouds

18 April 2024

Amman

Thursday

71.6 F

22°

Home / View Points

Cybersecurity in Jordan: A National Priority

07-01-2025 02:57 PM


Dr. Hamza Alakaleek
Cybersecurity has become a pivotal concern in the digital age, with businesses and organizations facing daily risks due to rapid technological advancements. In Jordan, cybersecurity is an integral part of governance and data protection strategies, with Jordanian systems focusing on safeguarding digital assets and citizens' personal data.

Jordanian laws aim to provide a secure digital environment through various legislations and procedures, emphasizing key aspects of digital asset protection. The National Cyber Security Centre (NCSC) plays a central role in regulating and ensuring this safe digital environment by issuing regulations and instructions that obligate companies and institutions to implement cybersecurity standards.
One of the key directives from the NCSC concerns Cybersecurity Policies. The NCSC emphasizes the need for Jordanian companies and institutions to develop comprehensive cybersecurity policies covering all digital operations. These policies should include plans for managing digital assets, classifying sensitive data, and implementing procedures to protect systems from cyberattacks.

Crucial policy components should clearly define roles and responsibilities for employees to ensure compliance. They should also provide regular training programs on security best practices, such as handling suspicious emails and maintaining strong passwords, and ensure policies are regularly updated to keep pace with technological changes and emerging threats.

In addition, institutions must comply with the Jordanian Electronic Transactions Law No. (27) of 2015, which includes provisions for penalizing electronic violations. Institutions handling external data are required to implement standards such as the Jordanian Personal Data Protection Law (PDPL) and the General Data Protection Regulation (GDPR) to ensure data protection according to international standards.

Furthermore, the NCSC emphasizes the importance of signing Service Level Agreements (SLAs) with third parties, such as technology service providers, to ensure their adherence to cybersecurity standards.

The NCSC mandates that institutions establish incident response plans to mitigate the impact of cyberattacks. Key plan elements require procedures for immediate reporting of incidents to the NCSC and the establishment of a specialized incident management team within the institution. They should also include procedures for handling incidents, including isolating affected systems, analyzing the cause of the breach, and recovering data.

Moreover, the NCSC requires institutions to conduct periodic cybersecurity risk assessments to identify vulnerabilities and take appropriate mitigation measures. The NCSC in Jordan is serious about cybersecurity. They want all businesses and organizations to have clear rules (policies) about how to keep data safe and educate their employees about online dangers. They also want them to follow the law and international standards (like GDPR if they handle data from outside Jordan) and ensure that any companies they work with also have robust security measures in place.

By adhering to these directives, Jordanian businesses and organizations can significantly reduce their risk of cyberattacks, protect their valuable data, and maintain the trust of their customers and stakeholders. The NCSC's guidance provides a robust framework for building a secure digital environment in Jordan, fostering economic growth and protecting national interests.

In addition to the previously mentioned points, several other measures are crucial for enhancing cybersecurity within Jordanian institutions. These include penetration testing and data analysis: Regular penetration tests should be conducted to identify system vulnerabilities. Analyzing data related to past attacks helps predict future threats. The NCSC also emphasizes the need to collect and process personal data in accordance with the law, obtaining explicit consent from individuals before using their data. Institutions must protect data using techniques like encryption and ensure unauthorized access is prevented. It is also vital to establish clear and publicly available privacy policies for customers, explaining how data is collected and used. Encryption techniques should be used to protect data during transmission and storage.

Despite ongoing efforts, Jordan faces several cybersecurity challenges. These include legislation: While laws like the Electronic Transactions Law exist, more specialized legislation addressing the complexities of cybersecurity is needed. There is also a lack of public awareness regarding cyber risks and the importance of protecting personal data. Furthermore, many institutions struggle to update their systems to meet modern security standards.

To address these challenges and enhance cybersecurity in line with technological advancements, Jordan needs to enhance infrastructure. This includes updating technical systems and networks to ensure compliance with international security standards and increasing investment in advanced technologies like artificial intelligence to improve cyberattack detection. It also requires providing continuous training programs for employees in both the public and private sectors on security best practices and establishing specialized training centers to qualify cybersecurity experts. Supporting innovation is another crucial step, including supporting startups offering innovative cybersecurity solutions and providing financial incentives for companies investing in improving their security infrastructure.

Cybersecurity is not an option but a strategic necessity for ensuring the stability of the economy and society in the digital age. Jordan needs to adopt a comprehensive approach that balances strengthening legislation, updating infrastructure, and raising public awareness. Through these efforts, Jordan can become a role model for cybersecurity in the region.




No comments

Notice
All comments are reviewed and posted only if approved.
Ammon News reserves the right to delete any comment at any time, and for any reason, and will not publish any comment containing offense or deviating from the subject at hand, or to include the names of any personalities or to stir up sectarian, sectarian or racial strife, hoping to adhere to a high level of the comments as they express The extent of the progress and culture of Ammon News' visitors, noting that the comments are expressed only by the owners.
name : *
email
show email
comment : *
Verification code : Refresh
write code :