National Cybersecurity Authority Releases Key Economic Indicators in Cybersecurity Sector in the Kingdom 2025 Report

The National Cybersecurity Authority (NCA) has released a report on Key Economic Indicators in the Cybersecurity Sector 2025, covering several key indicators, including the size of the cybersecurity market, the sector's contribution to GDP, and key workforce metrics.
 The report revealed that the size of the cybersecurity market in the Kingdom reached SAR15.2 billion, representing the total spending by public and private sector entities on cybersecurity products and services in 2024—an increase of 14% compared to 2023. Public sector spending amounted to SAR4.8 billion, accounting for 32% of the market, while private sector spending reached SAR10.3 billion, representing 68% of the market.
 Moreover, the contribution of the cybersecurity sector to the Kingdom’s Gross Domestic Product (GDP) in 2024 reached approximately SAR18.5 billion, reflecting a 19% growth compared to 2023. Of this, SAR9 billion represented direct contributions from cybersecurity product and service providers, while SAR9.5 billion came from indirect contributions. This contribution accounts for 0.40% of the Kingdom’s total GDP and 0.71% of non-oil activities.
 The report also provided an overview of the cybersecurity workforce in the Kingdom, which exceeded 21,000 professionals in 2024, representing a 9% increase from 2023. This progress is attributed to various programs and initiatives aimed at developing current and future cybersecurity skills and meeting national needs, ultimately supporting the Kingdom’s economic and social development. Notably, women's participation in this workforce is at 32%, surpassing the global average of 24%.
 The report showed that expenditure on cybersecurity products accounted for 51% of the total market, amounting to SAR7.7 billion, while spending on cybersecurity services represented 49% of the market, reaching SAR7.5 billion. Additionally, the report highlighted the most demanded cybersecurity products and services, which included Network Security, Endpoint Security and Management, Cybersecurity Operations Solutions, Cybersecurity Management Consulting, and Data Security.
 According to NCA, the report is a result of a comprehensive study, with inputs from stakeholders across the public and private sectors, academic institutions, and cybersecurity professionals. It involved a three-level classification of cybersecurity products and services across five main categories and 26 activities of over 100 cybersecurity products and services, aligned with global methodologies and best practices.