“This exhibition [CDIS] will shape the destiny of cybersecurity and intelligence in Egypt and the entire region,” says Ahmed Abdel-Hafez, vice president for cybersecurity affairs at the National Telecommunications Regulatory Authority (NTRA). “As part of Egypt Vision 2030 and President Abdel Fattah el-Sisi’s digital transformation policy, this exhibition will bring experts together to showcase the best practices, insights and efforts on one of the most critical topics affecting the region and the world, namely, how to guarantee a secure and reliable cyberspace,” he says.
Currently, 17-30% of the world’s Internet traffic is estimated to flow through Egypt, connecting between 1.3 and 2.3 billion people. Eighteen submarine cables run through the country’s territory, the most of any country other than the United States. Egypt’s strategic location at the intersection of three continents – Africa, Asia and Europe – has made it a hub for interconnecting submarine cable systems.
This concentration is often described as a “choke point”: when the Asia-Africa-Europe-1 (AAE-1) cable was severed on 7 June 2022, the whole world experienced outages and network problems. With the recent geopolitical developments in the region and easier relations between the Gulf monarchies and Israel, new possibilities are emerging that could challenge Egypt’s regional monopoly.
Google has invested 500 million dollars (452 million euros) in opening a new, 8,000 km corridor linking Europe (Italy) to India via Israel, Jordan, Saudi Arabia, Oman and Djibouti, carefully avoiding the Egyptian choke point. This new route will provide an alternative, but Egypt continues to invest massively in the field (Telecom Egypt has invested 500 million dollars over the last ten years) and will remain a key player given its strategic position.
“Egypt Vision 2030”: Egypt dreams of being the next digital hub
Egypt Vision 2030 includes an ambitious plan to bolster its digital technology sector and become a regional IT hub. Efforts to achieve this goal include promoting technology training for young people, establishing technology “free zones” for businesses, upgrading communication infrastructure, expanding internet coverage and leveraging artificial intelligence to improve public services. Long-term objectives also include increasing the number of technology start-ups and creating a skilled technology job market.
The new administrative capital under construction halfway between Cairo and the Suez Canal is an essential component of this modernisation strategy. With a data mega-centre, cloud computing services, incubators, accelerators and other smart infrastructure, the city has been designed to become a leading digital innovation hub for Egypt and the wider region.
This digital transformation programme, launched in 2016, was drastically stepped up in response to the Covid-19 pandemic. According to the Ministry of Communications and Information Technology (MCIT), Internet use increased by over 20% in the first quarter of 2020 alone.
Consequently, Egyptian operators have invested heavily in network expansion and infrastructure upgrades, with MCIT reporting that 27,000 kilometres of optical fibre cable were laid in the country between 2020 and 2021. In August 2021, the total number of mobile phone subscribers in Egypt reached 99.6 million, an increase of 5.5 million compared to the same period in the previous year.
As cyberspace expands, so do cyber threats and state surveillance
As the sector grew between 2020 and 2021, the Egyptian government passed a series of cybersecurity laws; the new legal provisions empower the authorities to monitor social networking platforms and messaging applications. The law requires companies with more than 5,000 users in Egypt to open offices in the country and store user data locally for 180 days.
It also allows the authorities to block websites deemed a threat to national security. The new law stipulates that all data controllers, whether located inside or outside Egypt, must obtain a licence from the Egyptian Data Protection Authority to process personal data for individuals located in Egypt.
In addition, the law requires that all personal data related to Egyptians be stored on servers located in Egypt, with certain exceptions. In addition to concerns about the potential for the law to be used as a tool for government surveillance and censorship, it has been criticised for its potential impact on foreign companies operating in Egypt. Complying with the requirement to store data in Egypt could create logistical and financial challenges.
The sector’s swift growth has, of course, come with an increase in cybersecurity threats to the country and its people, highlighting the sector’s vulnerability. In August 2021, Telecom Egypt suffered a breach of its customer database, putting the sensitive information of millions of people at risk.
The hackers managed to gain access to customers’ names, phone numbers and addresses, exposing the company’s cybersecurity flaws. A month later, Vodafone Egypt suffered a DDoS attack that disrupted its services for several hours. This operator reported that customer data was not compromised in the attack, but it did cause significant disruption and highlighted the exposure of the country’s telecommunications infrastructure to cybersecurity threats.