Research Article

Cloud Security Challenges in Saudi E-commerce Platforms under Vision 2030

Authors

Abstract

Saudi Arabia's e-commerce sector has become one of the most rapidly expanding digital markets in the Middle East, propelled by the Kingdom's Vision 2030 agenda, high internet penetration, and a young, digitally engaged population. As e-commerce operators accelerate their migration to cloud-based infrastructure, they face a sophisticated and intensifying security landscape that threatens both operational continuity and the trust of millions of consumers. This study investigates the principal cloud security challenges confronting Saudi e-commerce platforms operating within the Vision 2030 context. Drawing on a systematic review of academic literature, industry and market research reports, and primary regulatory documents — including Saudi Arabia's Personal Data Protection Law (PDPL) and the National Cybersecurity Authority (NCA) cloud security frameworks — the study identifies and analyses seven distinct challenge domains: cloud misconfiguration and the shared responsibility gap; identity and access management weaknesses; regulatory compliance and data localization complexity; ransomware and distributed denial-of-service threats; third-party and supply chain risk; cybersecurity talent scarcity; and insider threats. The findings reveal a structural misalignment between the pace of cloud adoption and the maturity of security governance among Saudi e-commerce operators, particularly small and medium-sized enterprises. The paper concludes with evidence-based recommendations for platform operators, regulators, and policymakers to bridge this gap and build a cloud security posture commensurate with Vision 2030's ambitions for a trusted, resilient digital economy.

Article information

Journal

Journal of Computer Science and Technology Studies

Volume (Issue)

8 (8)

Pages

121-134

Published

2026-07-13

Downloads

Views

3

Downloads

2

Keywords:

Cloud Security, Saudi E-commerce, Vision 2030, PDPL, NCA, Cybersecurity, Data Sovereignty, Shared Responsibility Model, Digital Transformation