India-Saudi Arabia: Cybersecurity Cooperation And Critical Infrastructure Protection (2026)

Policy Update

Mallika Amale

For centuries, India and Saudi Arabia have shared a strong relationship spanning political, cultural, and socio-economic cooperation. This relationship is anchored in robust energy trade and deep-rooted diaspora ties. As both nations are increasingly embracing emerging technologies and undergoing rapid digitisation, their partnership has expanded into a new-generation security domain wherein cybersecurity has emerged as a critical pillar for strategic cooperation.

The institutionalisation of the Strategic Partnership Council (SPC) in 2019 marked the beginning of India-Saudi cooperation in cybersecurity and the safeguarding of critical infrastructure. Discussions commenced under broader defence, security, and technological cooperation frameworks of SPC. India’s priorities are to safeguard its Digital Public Infrastructure (DPI) and the telecom sector along with its cyberspace. Its digital economy is valued at 11.74 percent of its national income, thus contributing USD 402 billion to the GDP. Considerable progress has been made in capacity development, legal, and technical aspects of cybersecurity by India as evident by its Tier 1 status in the International Telecommunication Union (ITU) Global Cybersecurity Index.

Similarly, Saudi Arabia’s Vision 2030 constitutes cybersecurity as a cornerstone for its economic resilience and development. Vision 2030 seeks to diversify the Saudi economy, build smart cities such as NEOM, and secure critical oil, gas, desalination, and logistics infrastructure.

Today, both countries face an ever-increasing number of cyber threats from state and non-state actors targeting critical infrastructure. Attacks on India’s cyberspace alone increased by 138 percent between 2019 and 2023, making it the second most targeted country. This is detrimental to the regional security environment across the Indo-Pacific and West Asia, thereby necessitating greater cooperation between India and Saudi Arabia.

Functioning

No formal cybersecurity-related bilateral treaty or initiative exists between India and Saudi Arabia. Nevertheless, cooperation in this area generally functions through the way of strategic dialogues and broader defence and security initiatives. Today, the gradual institutionalisation of such cooperation and high-level discussions indicate little headway.

The primary entity deciding the priorities and providing strategic guidance is the Strategic Partnership Council (SPC) and other high-level inter-ministerial dialogues involving ministries of external affairs, defence, communications, and information technology. For instance, on 28 August 2025, during the seventh meeting of the India-Saudi Arabia Joint Committee on Defence Cooperation (JCDC), both sides discussed improving training capabilities and expanding cooperation in cybersecurity and information technology. On the sidelines of the first SPC Summit meeting on 11 September 2023, the first India-Saudi Investment forum was organised wherein more than fifty MOUs were signed.

In India, the national cybersecurity coordinator of the National Security Council Secretariat (NSCS) is responsible and works in tandem with the Ministry of External Affairs (MEA) on cyber partnerships. Also, the Cyber Diplomacy Division (CDD) of MEA deals with bilateral and multilateral cooperation. Other institutions such as the Indian Computer Emergency Response Team (CERT-In), the National Critical Information Infrastructure Protection Centre (NCIIPC), the New and Emerging Strategic Technologies (NEST) Division, and other sectoral regulators play a key role as well. Similarly, Saudi Arabia has the National Cybersecurity Authority (NCA) and other sector-specific regulators overseeing energy, water, and transport systems. Discussions revolve around information-sharing, policy coordination, and capacity building. Recently, collaboration between Indian IT firms and Saudi digital security initiatives has increased, with a focus on developing smart infrastructure projects.

Impact

Assessing the impact of India-Saudi cybersecurity cooperation and efforts to protect critical infrastructure may not be immediately quantifiable but it can be understood in strategic terms. Both countries seek a strategic partnership that extends beyond traditional security issues and focuses on non-traditional security threats and the risks of emerging technologies. At the 2023 G20 Summit both parties reaffirmed their commitment to collaborate on the same.

India-Saudi trade and energy ties have been on an upward trajectory in the last decade. Thus, securing logistics and energy infrastructure carries direct economic impact. For instance, the Reserve Bank of India noted that data breaches cost India USD 2.81 million in 2023, marking a 28 percent increase since 2020. Improving resilience of critical infrastructure is paramount to bilateral trade and global supply chains.

Furthermore, Indian cybersecurity and IT firms are leveraging Saudi’s push for secure digital projects, generating commercial opportunities for the private sector and facilitating the transfer of operational best practices. Major Indian IT companies such as TCS, WIPRO, Tech Mahindra, HCL, and LIT Mindtree are working with the Saudi government as well as private sector entities in the fields of AI, Robotics, automation, and most importantly, cybersecurity.

Emerging Issues

Limited Progress and Indicators for Bilateral Cooperation: More standalone high-level agreements are needed for India and Saudi Arabia to truly prosper in the field of cybersecurity and cooperate in securing critical infrastructure. Due to a lack of standalone or general agreements between the two countries, proper immediate output and progress is not quantifiable.
Divergent Regulations: India and Saudi have different legal frameworks and norms around data protection and cross-border flows that complicate real-time intelligence sharing.
Dependence on Private Entities: Even though a few government-to-government MOUs were signed between India and Saudi Arabia, most of the critical infrastructure and supply chains rely heavily on private firms. This overdependence should be avoided and government-to-government cooperation must be supplemented by public-private engagements.
Unorganised cyber domain of India: Cybersecurity matters are handled by a myriad of agencies and ministries in India. Although an amendment was made in 2024 to the Allocation of Business rules, there is a lack of clarity and responsibility of cybersecurity and cyber crime matters. This makes operational integration and governance challenging, which in turn creates hurdles for cyber cooperation.
Geopolitical Uncertainties: India and Saudi Arabia have considerably similar strategic goals. However, they operate in distinct geopolitical alignments, which might lead to different cyber priorities and threat perceptions. For instance, the latest Saudi-Pakistan defence deal, which was – according to some experts – meant to be more of a strategic posturing move and aimed towards western countries rather than India introduced nuance and concerns. This introduces strategic sensitivities to bilateral cooperation.

Way Forward

India and Saudi Arabia have commenced collaboration on cybersecurity cooperation and critical infrastructure protection with a forward-looking attitude in the age of emerging technologies but a significant amount of work still needs to be done. The frequent high-level technical exchanges need to be transformed into a dedicated working group on cybersecurity and protection of critical infrastructure with clear and measurable benchmarks.

Creation of sector-wise MOUs will help make the complex task of protecting critical infrastructure much easier. Moreover, establishing a joint financial mechanism to ensure stable budget lines for capacity building and joint exercises is essential. Additionally, this cooperation could focus on private-public collaboration opportunities more often by formalising industry participation in bilateral exercises.

Going forward, deeper institutionalisation, transparency, proper funding, and integration with digital and defence cooperation can enhance outcomes for both parties. For India, this is a great opportunity to leverage its secure and self-reliant digital public infrastructure and cyber capabilities. For Saudi Arabia, this is an opportunity to make progress on Vision 2030 and secure modernisation. Together, the two countries are supporting a vision of cyberspace that emphasises sovereignty and development rather than weaponisation.

References

Associated Press. (2023, September 11). India and Saudi Arabia agree to expand economic and security ties after the G20. Associated Press. https://apnews.com/article/india-saudi-arabia-corridor-g20-9ecb469959ad9ab1a997b711db3dc902
Bharadwaj, T. (2025, September 1). Mapping India’s Cybersecurity Administration in 2025. Carnegie Endowment. https://carnegieendowment.org/research/2025/09/mapping-indias-cybersecurity-administration-in-2025
DD News. (2025, August 29). India, Saudi Arabia hold 7th Joint Committee meeting on defence cooperation | DD News. Doordarshan News. https://ddnews.gov.in/en/india-saudi-arabia-hold-7th-joint-committee-meeting-on-defence-cooperation/
Embassy of India, Riyadh, Saudi Arabia. (2025, June 15). India-Saudi Bilateral Relations. Embassy of India, Riyadh, Saudi Arabia. https://www.eoiriyadh.gov.in/page/india-saudi-bilateral-relations/
Embassy of India, Riyadh, Saudi Arabia. (2025, July). India-Saudi Arabia: Economic and Commercial Brief. Embassy of India, Riyadh, Saudi Arabia. https://www.eoiriyadh.gov.in/page/india-saudi-arabia-economic-and-commercial-brief/
Ministry of External Affairs, Government of India. (2023, September 11). Joint Statement during the State Visit of HRH the Crown Prince and Prime Minister of the Kingdom of Saudi Arabia to India. Ministry of External Affairs, Government of India. https://www.mea.gov.in/bilateral-documents.htm?dtl/37110/Joint+Statement+during+the+State+Visit+of+HRH+the+Crown+Prince+and+Prime+Minister+of+the+Kingdom+of+Saudi+Arabia+to+India
Peri, D. (2024, December 25). India, Saudi Arabia exploring joint ventures in defence sector. The Hindu. https://www.thehindu.com/news/national/india-saudi-arabia-exploring-joint-ventures-in-defence-sector/article69026734.ece
RMG Group. (2025, July 28). Vision 2030 and Cybersecurity: Building an Impregnable Digital Fortress for Saudi Arabia’s Future. RMG. https://www.rmg-sa.com/en/vision-2030-and-cybersecurity

About the Contributor

Mallika Amale is currently interning at IMPRI. She is pursuing a Master’s in International Relations and Strategic Studies from the School of International Relations and Strategic Studies (SIRSS) at the University of Mumbai. Her research interests include India’s foreign policy, maritime security in the Indian Ocean Region, and the Indo-Pacific.