On 31 July 2025, Jordan’s National Cybersecurity Center (NCC) revealed that 6,758 cyber incidents targeted national cyberspace in 2024 a 175 percent increase versus 2023. Detection rates reached 97 percent, yet the volume underscores pressing challenges across the region’s digital ecosystem. This data is critical for global CISOs and SOC teams charting cybersecurity trends in the Middle East and Africa.
According to NCC’s 2024 annual report translated by Petra on 31 July 2025, the sharp rise stems largely from expanded surveillance of governmental networks and devices. Despite this, analysts stress that real threats-not just visibility-are escalating.
Alert and Response Metrics
Throughout 2024, 6,922 cyber alerts were issued up from 2,609 in 2023. Jordan Computer Emergency Response Team (JoCERT), under NCC, managed approximately 3 percent of incidents and issued 75 technical reports. Only 2 percent of events were labeled as “critical,” while 88 percent medium‑risk and 10 percent low‑risk; no high‑severity incidents were reported in 2024, unlike 1 percent in 2023.
Vulnerability Scans: Identifying Weaknesses
NCC teams detected 7,846 vulnerabilities across critical infrastructure, public websites, and e‑government services. Ongoing security audits underpin Jordan’s commitment to proactive risk reduction.
Regional Significance: MEA Cybersecurity Implications
Jordan’s escalation mirrors broader MEA digitization, where rapid adoption of online services strains national cybersecurity services capacity. Regulatory frameworks such as Jordan’s data protection and national cybersecurity laws are under test. Compared with neighbours like UAE and Saudi Arabia, Jordan’s proactive detection efforts position it as a regional security leader.
Global Context and Benchmarking
While Jordan saw a 175 percent increase, many global economies experienced similar surges due to COVID-driven remote operations and geopolitical tension. Yet Jordan’s 97 percent detection rate outpaces many peers. According to NCC Group’s Cyber Threat Monitor 2024, Western nations saw 79 percent of ransomware attacks—and industrial sectors were most targeted globally.
Expert Perspectives
“Jordan’s structured detection metrics and vulnerability assessments show maturity in digital defence,” said a security analyst from the region’s CERT network.
A spokesperson for JoCERT noted that enabling real‑time monitoring led directly to the high detection percentage.
Actionable Takeaways
- Deploy Continuous Monitoring: Matching Jordan’s model, MEA entities should expand visibility across network and endpoints.
- Classify Risk Accurately: Use tiered risk categories (critical, medium, low) to prioritize response.
- Conduct Regular Vulnerability Scans: Teams detected nearly 8,000 vulnerabilities—scan often.
- Strengthen CERT Coordination: Enable entry-level response via JoCERT-style frameworks in each country.
- Train & Raise Awareness: Embed security training programs in all public and private institutions.
- Invest in Incident Response Playbooks: Prepare operators to manage surges similar to 2024.
- Integrate Governance Frameworks: Align with ISO/NIST-based national cybersecurity frameworks like Jordan’s.
- Use External Cybersecurity Services: Engage vetted providers for pentesting and resilience validation.
- Promote Public‑Private Collaboration: Share threat intel across sectors for collective awareness.
- Benchmark with Global Reports: References like NCC Group’s annual monitor offer insights on global ransomware trends.
Conclusion
Jordan’s NCC report of 6,758 cyber incidents in 2024 highlights both the scale of threats and the effectiveness of vigilant detection. The strategic expansion of monitoring operations helped flag nearly all incidents but the underlying volume reflects growing cyber risk in a digitizing region. MEA defenders would do well to emulate Jordan’s transparency, structured risk classification, and proactive governance to stay ahead in an evolving threat environment.
Sources
- Petra: “NCC responded to 6,758 cyber incidents last year” (31 July 2025)
- Petra: “Center Reports 1,297 Cyber Incidents in Q1 2025” (4 June 2025)
- Petra: “NCSC handles 1,457 cyber incidents in last quarter 2024” (16 March 2025)
- NCC Group: “Cyber Threat Monitor Report 2024” (31 January 2025)
- Petra: “Gov’t Report Highlights Cybersecurity Progress” (19 August 2024)
- Petra: Cybersecurity vulnerabilities and framework alignment (PDF)
