The COVID-19 pandemic sparked a digital revolution. Partly as a result, the world is set to embrace cybersecurity as never before. The signs of this transformation are already visible.
Importance of a CISO
First, cybersecurity is showing a new maturity. It has become a hot boardroom topic, and many organisations are appointing a Chief Information Security Officer or CISO in their executive team.
My role is a testimony to this change. I was appointed as Head of Cybersecurity for the UAE government in November 2020 with the aim of developing a comprehensive cybersecurity strategy and creating a safe and strong cyber infrastructure in the UAE.
UAE GCI 5th
In April 2021, The UAE was ranked 5th globally for a robust cybersecurity infrastructure as per the Global Cybersecurity Index 2020 report, issued by International Telecommunication Union.
Cybersecurity standards
In November 2021, the UAE also announced the adoption of cybersecurity standards for government agencies. In making the announcement, Sheikh Mohammed bin Rashid Al Maktoum, Vice President and Prime Minister of the United Arab Emirates, and ruler of the Emirate of Dubai stressed that cybersecurity is a sovereign priority.
Cybersecurity cultural shift
Second, it is no longer laws and regulations that are driving change. Instead, we are witnessing a broad cultural shift, for which laws and regulations merely provide support. Companies and governments recognize that cybersecurity has become a key business enabler. There is no longer any question of whether to do it, only what to do and how to do it most effectively.
Dangers of ransomware and National Bug Bounty Program
Recognising that ransomware has become a serious problem, the UAE launched a National Bug Bounty program to protect critical information infrastructure and to build a joint relationship with private sectors. Since August, we have begun requiring all of our telcos to participate in the program. We’re also begun federal government-level cyber drills that simulate ransomware attacks, training our agencies how best to respond in the event of a real one.
Development of cybersecurity framework
In addition, we are developing a new cybersecurity framework consisting of seven advisory policies that address cybersecurity concerns. This framework will accelerate the adoption of leading-edge technologies and best practices in the UAE, along with the alignment with the global theme.
SolarWinds incident and supply chain attacks
Third, since the SolarWinds incident roughly two years ago, it has become clear that we, as a society, must rethink our notions of supply chain security. Gaps in the supply chain and inadequate security precautions by third-party vendors are responsible for many of the attacks we have seen in recent years. Some attacks have had domino effects felt around the world: the Solar Winds hack affected organisations in at least eight countries.
Securing supply chains
Insecure supply chains are being further fragmented by geopolitics, making it harder to achieve harmonised standards and interoperable platforms. Greater unity and common standards would help provide more certainty, driving the adoption of new technology and boosting productivity and economic growth.
Solving the cybersecurity issue as a collective
The UAE is moving to take the lead in cybersecurity
Cybersecurity is a shared responsibility – a team sport if you will. Cybersecurity issues can never be addressed by one person, organisation, or country. Instead, they instead require mutual collaboration between the public and private sectors.
Public-private-partnerships
Earlier this year, during the Gulf International Security Expo and Conference, I called for the formation Public-Private-Partnerships (PPP) that would strengthen our ability to cope with the cybersecurity threats of tomorrow. I hope the industry comes out with their own initiatives that use PPP as a framework to build the UAE into a stronghold against such threats.
Protective shield and cyber drills
In addition to that, several cyber drills and exercises were conducted with national and international entities to enhance communication and collaboration, the drills focused on several of the critical sectors and included a variety of cyber-attack scenarios, including a simulation of a series of cyber-attacks in a controlled environment, in order to train and assess the capacity to respond to any cyber-attack.
Cybersecurity and digital transformation conferences
The UAE highlighted that it hosts the world’s largest cybersecurity and digital transformation conferences including GITEX, GISEC, and Cybertech to build domestic capacity and that it has developed a platform for public-private partnerships to facilitate information sharing. Additionally, the UAE outlined its collaboration with states, international organisations, and private sector entities to share information at the policy and technical levels.
Information sharing
The UAE has built a platform for public-private partnerships to facilitate information sharing. The country also hosts the world’s largest cybersecurity and digital transformation conferences, including GITEX, GISEC, Cybertech and Intersec. In addition, the UAE outlined its policy and technical collaboration with states, international organisations, and private sector entities to share information.
Future plans and initiatives in cybersecurity
The UAE wants to help bring order to the current Wild West of cyber space. Fortunately, owing to the developments described above, that change is well underway. To kick start the coming year, in January we will host the first cybersecurity lab in partnership with Intersec, the leading emergency services, security and safety event. There, we look forward to creating a platform showcasing the UAE’s innovative and advanced initiatives in cybersecurity and reaffirming the country’s efforts to establish effective global partnerships. Following that, we will host GISEC, the largest cybersecurity conference and exhibition in the Middle East and North Africa.
Enable partners and an ecosystem of openness
Simply put, our objective is to establish the UAE as a trusted digital hub globally. As we embark on this ambitious goal, we hope to help our partners and allies build an eco-system based on the principles of openness, transparency and collaboration. The end result will be a more secure, more resilient digital future, not only for the UAE but for our partners and friends as well.
