In a significant move to consolidate control over its digital infrastructure, the Syrian government has revoked the information security accreditations of several local and regional firms. The decision, announced by the National Authority for Information Technology Services (NAITS) under the Ministry of Communications, signals a major regulatory overhaul aimed at enforcing a national vision of “digital sovereignty.”
Regulatory Crackdown
The NAITS has withdrawn certifications for XTECH LLC, Smart Systems Solutions, and the prominent regional firm Talal Abu-Ghazaleh & Co. The authority stated that the decision was due to the companies’ failure to comply with the regulations governing information security service providers.
These companies provided critical services to both public and private sector clients, including information system readiness assessments, penetration testing, data protection consulting, and digital archiving solutions. The revocation effectively bars them from offering any services in the sector, with the government warning of legal consequences for any violations.
This action follows a recent directive that established NAITS as the sole entity responsible for information security at a national level, granting it the power to regulate the private sector through accreditation.
Towards A National Cybersecurity Strategy
Alongside the regulatory crackdown, the government is actively drafting a “National Cybersecurity Strategy.” Jihad Alala, Director of the Information Security Center at the Ministry of Communications, confirmed that a draft is currently under review with relevant government bodies and is expected to be launched soon.
Alala emphasized that this strategy is part of preparations for an upcoming “digital revolution” and aims to establish the necessary legal and legislative frameworks. He also highlighted that a core principle of Syria’s digital sovereignty is the mandatory local hosting of all government data.
“Hosting any data or systems belonging to the government sector outside the country is strictly forbidden,” Alala stated, underscoring the government’s commitment to securing national data within its borders.
While the current focus is on building a robust national framework, the ministry plans to eventually open the cybersecurity sector to private local and international companies. The government’s role will then shift to focus on legislation, administration, and governance.
Broader Telecom Sector Reforms
These developments in the cybersecurity space are occurring in tandem with wider reforms in Syria’s telecommunications industry. The government is reportedly considering issuing a new mobile operator license through a public auction. This new operator would potentially manage one of the two existing carriers, Syriatel or MTN, as part of an effort to attract foreign investment and revitalize the country’s telecom infrastructure amid public dissatisfaction with current service providers.
About The National Authority for Information Technology Services
The National Authority for Information Technology Services (NAITS) is the Syrian government body responsible for organizing and regulating the information security sector in the country. Operating under the Ministry of Communications and Technology, its mandate includes setting standards, granting accreditations to service providers, and overseeing the implementation of the national cybersecurity strategy to protect Syria’s digital space.
Source: Alaraby
