Cybersecurity/Trust | Emerging Trends | IoT
August 16, 2017

What the UAE is doing to tackle cybersecurity threats

By ITU News

ITU News recently connected with Mr. Ghaith Al Mazaina – the incoming Manager of Government Relations and International Cooperation of the Telecommunications Regulatory Authority of the United Arab Emirates (UAE) – on a range of issues regarding the UAE’s cybersecurity efforts.

Below are some excerpts of the exchange.

On the evolution of the UAE’s Computer Emergency Response Team…

The Computer Emergency Response Team (aeCERT) is an initiative of the UAE Telecommunications Regulatory Authority (TRA) that was established to improve the standards and practices of information security, and protect the IT infrastructure in the UAE from risks and violations, in conformity with the TRA strategy that aims to support and ensure a safer cyber space for the residents of the UAE and visitors.

aeCERT provides a wide range of services under the following categories:

  • Awareness & Education –

    Awareness sessions, workshops and seminars about information security in conjunction with the relevant government entities, the private sector, academia and the public. The team also uses other means like social media, TV, newspapers, and magazines to increase the awareness within the society in regards to information security.

  • Monitoring and Response –

    Proactive services in the form of preliminary alerts and advisories to constituents to improve their infrastructure and related security processes prior to the detection or occurrence of any incident or event. The team also provides support and advice during remediation and recovery from security incidents.

  • Security Quality Services –

    Periodic and continuous tests on active networks to minimize the risk of attacks and cyber threats. The team also conducts vulnerability assessments and penetration testing.

“The UAE CERT (aeCERT) believes that information security awareness is a culture that should be practiced by everyone within the society.”

Regionally, aeCERT contributes with the other Gulf Cooperation Council (GCC) countries in GCC-CERT to better protect the GCC countries from the cyber attacks that targets them. The GCC countries have meetings on regular basis and are in the process of creating an information security strategy for the GCC region.

On how to keep abreast and tackle upcoming cyber threats, such as Petya Virus…

The UAE have taken measures to ensure the readiness of entities for such attacks. The UAE created the UAE Information Assurance Standard which is in the process of being applied to the governmental entities to preserve the security of the information. On the other side, aeCERT created an annual information security awareness campaign targeting all the citizens of UAE, to increase their level of awareness of these malwares, how they spread, and how to protect themselves from them.

On future threats and opportunities of cybersecurity…

We see the threats increasing in the Internet of Thing (IoT) field as IoT device usage has been growing more and more. Also, the use of artificial intelligence (AI) in data analysis and profiling is a merging threat.

However, there is an opportunity in using AI in favor of increasing security as to detect what used to go undetected before, and to provide a better classification and understanding of the data.

On cybersecurity in light of the UN’s Sustainable Development Goals (SDGs) …

The information and communication technology (ICT) sector – and, specifically, mobile and broadband connectivity – are essential enablers for economic growth, social inclusion and environmental protection. Poverty reduction, women’s empowerment, better education and the ambitious plans of clean energy are all facilitated by ICT services. It is for this reason that the essential cyber security measures be taken. Effective policymaking with monitoring and increasing awareness are fundamental aspects of ensuring this and it will be taken up at the national, regional and international levels.

On the role of regional and national CERTS in raising awareness on cybersecurity…

The UAE CERT (aeCERT) believes that information security awareness is a culture that should be practiced by everyone within the society.

To achieve that, aeCERT worked closely with the UAE ministry of education to create the first curriculum that promotes safe usage of technology between school students from grade 1 to 12. Also, aeCERT created the Salim website, which contains many resources that could be enjoyed and used by families and organization.

Moreover, aeCERT uses summer camps, events, and conferences to spread awareness. The team also visits all the governmental organizations to deliver awareness sessions in information security.

Finally, aeCERT took the extra step of training trainers to be information security awareness champions that take on the message of spreading the awareness around the country. UAE works closely with the other countries in the region to increase the level of awareness of their citizens by building an awareness strategy and creating awareness projects and tests that are being held currently.

Ghaith Al Mazaina
Mr. Ghaith Al Mazaina is the incoming Manager of Government Relations and International Cooperation of the Telecommunications Regulatory Authority of the United Arab Emirates (UAE).
  • Was this article Helpful ?
  • yes   no
© International Telecommunication Union 1865-2017 All Rights Reserved.
ITU is the United Nations' specialized agency for information and communication technology. Any opinions expressed and statistics presented by third parties do not necessarily reflect the views of ITU.