Oman: TRA to launch business caller ID; telecom sector revenues up 4%
The announcement was made during TRA's annual media briefing on Wednesday held under the theme 'Investing in Opportunities and Accelerating the Building of an Enhanced Digital Society' which reviewed the authority's 2024 achievements across the telecom and postal sectors.
Omar bin Hamdan al Ismaili, CEO of TRA, said new regulations would soon be issued to ensure accuracy of billing systems used by telecom operators in the sultanate.
Presenting key figures for the sectors, Ismaili said mobile subscriptions grew 7% in 2024 to 7.5mn, while Internet of Things (IoT) subscriptions surged 72% to 1.1mn. Fixed broadband subscriptions increased 2% and the number of 5G stations rose 12%.
A total of 6,500 telecom towers have been upgraded from 3G to 4G and 5G, and an additional 545 5G stations are expected to be built this year, taking the total to 5,856 – a 13% annual increase.
High-speed fixed broadband now covers 90% of residential units, with 97% of public schools also connected. Ismaili confirmed that all public schools in Oman now have full Internet coverage.
The telecom sector generated approximately RO920mn in revenues in 2024, up 4% compared to 2023. Revenues from the postal sector increased 3% to RO27.2mn.
Ismaili said the revenue growth reflects broader economic expansion and diversification of services. The number of companies licensed to provide telecom services rose 9% to 24, while those authorised to offer such services grew 63% to 399 with 72% of these being SMEs.
In the postal sector, the number of licensed operators increased 21% to 74 companies, 80% of which are SMEs. Incoming international postal shipments surged 60% in 2024 to 3.2mn.
Omanisation rates in the sectors remained high – 93% in telecom and 71% in postal services.
Ismaili noted that TRA secured a leading position among government service institutions for digital transformation, and that Oman advanced 26 places to rank 22nd globally in the Telecommunications Infrastructure Index. The sultanate also ranks among the world's top 28 nations for average mobile data download speed.
© Apex Press and Publishing Provided by SyndiGate Media Inc. (Syndigate.info).
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Khaleej Times
2 days ago
- Khaleej Times
A CISO's guide to securing XIoT in the Middle East
The rapid expansion of the Internet of Things (IoT) is reshaping the physical and digital contours of modern infrastructure. From biometric gates at international airports to infusion pumps at hospitals, from ubiquitous surveillance devices to office peripherals of a mundane kind — the networked device universe is ubiquitous and exposed. This interconnected network offers clear functional benefits. However, as more devices communicate with each other, there are more entry points for cyberattacks. The numbers are staggering. The Middle East IoT market is projected to grow from $43.99 billion to $241.65 billion by 2030, a 449 per cent increase. Saudi Arabia alone commands nearly 40 per cent of the regional market, generating $10.22 billion in revenues. Yet, as organisations embrace XIoT (extended Internet of Things), security risks escalate. The Middle East saw a 211 per cent rise in Distributed Denial of Service (DDoS) attacks in 2024, while the average cost of a cyber breach now stands at $8.75 million. Mega-breaches — those affecting 50 to 60 million records — have soared to $375 million, up $43 million from 2023. To fully benefit from the tremendous value of IoT devices, they need to be secured and managed effectively. Proper security management ensures devices are protected from cyber threats, minimising vulnerabilities that attackers exploit. This involves comprehensive visibility into device usage, regular updates to firmware, strong authentication methods, and proactive monitoring to detect and respond swiftly to security incidents. Organisations should invest in robust cybersecurity frameworks to harness IoT's full potential safely and sustainably. For the modern CISO, the mandate extends beyond protection to building a resilient cybersecurity strategy — one that ensures rapid detection, response, and recovery. In today's threat landscape, resilience isn't optional; it's a strategic necessity for business continuity and trust. 1. Know what you own: The XIoT visibility challenge You cannot protect what you cannot see. Many organisations have thousands of connected devices, yet few have a complete inventory. From smart cameras to industrial sensors, these silent operators are often neglected, leaving security gaps. S teps to take: • Catalogue every device – Identify all XIoT endpoints across departments, from IT to operational technology (OT). • Assess security measures – Check for outdated firmware, default passwords, and unpatched vulnerabilities. • Engage stakeholders – Hold cross-functional meetings with IT, OT, and physical security teams to ensure all devices are accounted for. Visibility is the foundation of security. Without a real-time asset inventory, XIoT security is a guessing game. 2. Automate security fixes: Stay ahead of the threats Manual patching is a losing battle. With multiple vendors, different operating systems, and legacy devices, keeping up with security updates is impossible without automation. What to automate: • Eliminate default logins – Many devices ship with 'admin/admin' credentials. These must be changed immediately. • Firmware updates – Some vulnerabilities, like those in Z-Wave chipsets, require urgent patching. If updates are unavailable, devices must be segmented. • Standardise security settings – Enforce encryption, secure boot, and endpoint monitoring across all connected devices. • Pro tip: Not all XIoT devices can be patched. If an update is unavailable, limit access and segment networks to reduce risk. 3. Continuous monitoring: The watchtower approach Static defences are not enough. Attackers are evolving, and so must security teams. Continuous monitoring provides real-time visibility into suspicious behaviours, unauthorised access attempts, and misconfigured devices. Best practices: • Monitor device behaviour – Use AI-driven analytics to flag unusual activity, such as an XIoT device suddenly communicating with an unknown server. • Establish incident workflows – Ensure that alerts from security operation centers (SOCs) reach the right teams in real time — whether IT, OT, or physical security. • Leverage threat intelligence – Study patterns of attempted intrusions to adjust defenses accordingly. XIoT security is not just about detection — it's about rapid response. A CISO's playbook for XIoT security Securing XIoT in the Middle East demands a dynamic, strategic approach that matches the scale and speed of the growing threat landscape. The region's digital economy is accelerating, and the volume of connected devices is rapidly multiplying. To stay ahead, CISOs must proactively identify assets, automate defences, consistently monitor threats, and swiftly enforce response frameworks. Speed and scalability are critical organisations must transition swiftly from reactive strategies to proactive, automated, and ultimately autonomous security operations. Ultimately, it is leadership, not just technology, that drives robust xIoT security. By positioning cybersecurity as a long-term strategic investment, organisations can protect infrastructure, ensure operational resilience, maintain trust, and unlock the benefits of digital transformation safely. In our increasingly connected world, proactive protection is no longer optional — it's the smarter path forward. The writer is Middle East & Africa Vice President at Phosphorus Cybersecurity.
TECHx
2 days ago
- TECHx
5 Common Mistakes In Identity Security, And How To Fix Them
Home » Expert opinion » 5 Common Mistakes In Identity Security, And How To Fix Them Identity security is more vital than ever. Morey J. Haber reveals key oversights companies make and offers solutions to reduce risks and prevent breaches. A modern organization carries with it so much IT complexity that cyber-threat actors no longer favor traditional hacking; they prefer to log in. This makes identities the primary attack vector for our digital adversaries, which means we must give the protection of credentials and secrets equal priority to that of vulnerabilities and patch management. A report from June 2024 claimed 99% of UAE-based organizations experienced 'two or more identity-related breaches' in the preceding year. Organizations can no longer ignore the need for identity security in the face of an increasingly sophisticated threat landscape. A risk-management approach to identity and access-management solutions will be critical if enterprises are to take control of the entire life-cycle of identity tools and their cross-vendor integration. This methodology can uncover flaws buried within workflows and solutions that have been in production for years. If these legacy problems persist in the current threat climate, it may only be a matter of time before a breach occurs. We now have to consider identity security as a part of our everyday operations. In establishing stronger identity security and management, it is advisable to account for the most common errors first. Consider the top five of them: 1. Ownership Identity in the digital realm can apply to either a human or a machine, each of which has an account through which they own that identity. Humans may have multiple accounts, but when dealing with machine identities, a human should always be assigned as the owner. Machine identities include all associated accounts that are used for integrations, service accounts, and other machine to machine communication. Any operation or session that requires authentication should be covered by identity management. A common mistake is the failure to include the ownership of machine accounts as something to be monitored and managed. In many cases the owners of service accounts, cloud-based secrets, or integration credentials are not documented, and therefore the business is simply not aware of them. Unmanaged and unmonitored, these accounts can be associated with delays in response when events occur. This is a risk that can be mitigated by recording an owner for every machine identity, and by regularly reviewing these records for accuracy. This is especially true for dynamic environments that may have regular changes in personnel and technology. 2. Privilege Every account associated with an identity is granted entitlements that can range from email, to storage, and Internet access all the way up to administrators, which are the custodians of the organization's most sensitive information. It is not uncommon to find the highest level privileges assigned, for convenience only, to those who do not need them, which expands the risk surface substantially. Many breaches start with the targeting of junior employees. For threat actors, lateral movement is easier if they find the privileges they need without the need to find a vehicle for privileged escalation. The principle of least privilege calls for IT administrators to assign only the required privileges necessary for an account's owner to perform assigned functions. This eliminates overprivileged accounts and shrinks the risk surface by ensuring threat actors are less likely to be assigned high-level credentials on the first account they hijack. 3. Secrets Any information not widely disclosed that provides authentication is known as a secret. These can be everything from a password to an API key. Their storage, reference, and retrieval must be highly secure to prevent threat actors from compromising them. Common errors in secret storage include using unencrypted spreadsheets or text files, or even browser-based password managers. All these methods have their weaknesses and should be avoided. It is recommended to use a secure password or secrets-storage solution, and strictly manage access to it. Additionally, it is recommended that the storage solution itself be periodically tested for vulnerabilities. 4. MFA To complement secrets, extra confidence in the identity-account relationship can be provided through multifactor authentication. While it is important for organizations to remember that many MFA solutions are flawed (SMS attacks, MFA fatigue, etc.). it is also true that any multifactor authentication is better than none. All human identities should have multifactor authentication implemented for each account they own, and it should also be in place for all access requests including any escalation of privilege requests. 5. Remoting Many UAE organizations have established flexible working practices that allow employees to access corporate systems remotely. This access commonly extends to contractors, vendors and other user types, regardless of geolocation. The range of cloud services available through remote access is expanding every day, which presents a challenge to those tasked with providing enterprise-wide identity security. This is because each of these services requires some level of access to sensitive data, which means an associated identity must be managed. Organizations must make sure they secure all remote access channels using industry best practices. They must also avoid using remote access technologies like RDP, SSH and FTP. RDP (Remote Desktop Protocol) and SSH (Secure Shell) do not adequately guard against simple brute-force attacks or credential stuffing and FTP (File Transfer Protocol) lacks encryption, leaving it open to eavesdropping and man-in-the-middle attacks. While these solutions can be used more securely with careful configuration, a more secure approach is to implement dedicated technology that is designed around the prevention of identity-based attacks. The right controls Perimeter security has become almost obsolete. Firewalls and other intrusion prevention systems are being replaced by solutions that mitigate modern attack vectors – identities. We live much of our lives in and around our digital identity and each of us has several accounts tied to it. Meanwhile, machine identities need ownership to allow their usage and maintenance to be appropriately monitored. But both human and machine identities, while indispensable, represent points of weakness if the right identity security controls are not in place. Part of the maturity of any security model should be the mitigation of the common errors discussed here. The world has become irreversibly connected and our digital identities are part of that fabric. To protect them is to protect ourselves, our businesses, and our economies. By Morey J. Haber, Chief Security Advisor, BeyondTrust
Zawya
2 days ago
- Zawya
Asyad Shipping's training initiative strengthens Oman's status in global trade
MUSCAT - As part of Oman Vision 2040, Asyad Shipping has trained 230 Omani nationals to work on commercial vessels under a first-of-its-kind initiative launched in 2023. The programme is a strategic step forward towards bolstering Oman's maritime strength, accelerating Omanisation, and advancing the status of Oman on global trade routes. Out of the total trainees, 30 were posted as deck officers and engineers and 200 as assistant engineers and navigational support staff. Omanis are being systematically trained for such work at sea for the very first time, hitherto held by expatriates—reflecting a shift towards specialist national recruitment and long-term sustainable workforce. The work was highlighted at the Omani Seafarers Day event by the Ministry of Transport, Communications and Information Technology as a national seafaring development success. Offered by intensive study in conjunction with hands-on practice on Asyad's ships, training gave participants the technical and operational skills they needed. The majority were successful in overcoming initial challenges in acclimating to ship life, assisted by other Omanis on the ship, which provided high esprit de corps and perseverance. Kamila al Wahaibi, the responsible official for Omani sailors at Asyad Shipping, said: "Oman Vision 2040 invites us to cultivate a skilled and competitive national talent pool. This effort not only prepares Omanis with essential maritime skills but also secures the future of our national shipping fleet by investing in domestic talent." In addition to being a national workforce initiative, the programme brings Oman into the main fold of global maritime trade. As global shipping lanes become more strategically valuable, Oman's location—at the crossroads of East-West trade—makes them an essential hub for logistics. Preparing Omanis to crew and manage commercial vessels directly addresses the nation's capacity to facilitate and grow as part of global networks in commerce. The initiative, led under the guidance of Asyad's leadership, is a poster child of public-private partnership, which reflects the pillars of Vision 2040's economic diversification, private sector empowerment, and human capital development. By opening new opportunities to the sea profession, Asyad is not only revamping Oman's transport and logistics sector but also playing its part in cementing the Sultanate of Oman's place in the global economy as an educated, connected, and competitive trade nation. 2022 © All right reserved for Oman Establishment for Press, Publication and Advertising (OEPPA) Provided by SyndiGate Media Inc. (
