United Arab Emirates Last Updated: September 2021

CYBERSECURITY POLICY

Strategy Documents

National Cyber Security Strategy 2019 (NCSS)

Telecommunications Regulatory Authority (TRA)

The strategy is based on 5 pillars and 60 initiatives aiming to mobilise the whole cybersecurity ecosystem in the UAE;
The five pillars include 1) cybersecurity laws and regulations; 2) a vibrant cybersecurity ecosystem; 3) National Incident Response plan; 4) CIIP
program; 5) partnerships.
The NCSS will be in force for three years from the date of its launch in June 2019.

Source
June 2019

Implementation Frameworks

Critical Information Infrastructure Policy (CIIP)

National Electronic Security Authority

Collectively with NCSS and IA Standards, work towards enhancing UAE national security by improving the protection of national information and
communications infrastructure (ICT).

Source
25 June 2014

UAE Information Assurance Regulation v1.1

Telecommunications Regulatory Authority

The purpose of the UAE IA Regulation is to provide requirements to raise the minimum level of protection of information assets and supporting
systems across all implementing entities in the UAE,
Replaced the UAE Information Assurance (IA) Standards v 1.0.

Source
March 2020

STRUCTURE

National Centre or Responsible Agency

Signals Intelligence Agency (SIA)

The Supreme Council for National Security

Aims at organizing the protection of the communications network and the information systems in the State, as well as developing, amending and
using the necessary means in E-Security field;
Previously National Electronic Security Authority (NESA).

Source
2012

National Cyber Security Council (NCSC)

 United Arab Emirates Last Updated: September 2021

The Council is responsible for suggesting and drafting legislation to strengthen cybersecurity in the country;
Chaired by the Head of Cyber Security for the UAE Government;
Established in November 2020.

Source Source 2
November 2020

Key Positions

Executive Director
Signals Intelligence Agency (SIA)
Source

National CERT or CSIRT

UAE Computer Emergency Response Team (aeCERT)

UAE Telecommunications Regulatory Authority (TRA)

Cyber security coordination center in the UAE.

Source Source 2
2008

LEGAL FRAMEWORK

Legislation

Emiri Decree No. 02 of 2018

Amends UAE Cybercrime Law No.5 of 2012;

Updates provisions in Federal Law No. 5 of 2012, includes online activities taken for the interest of a terrorist group.

Source
13 August 2018

Federal Law No. 5 of 2012

On combating cybercrimes.

Source
13 August 2012

Federal Law No. 2 of 2006

On the prevention of information technology crimes.

Source Source 2
30 January 2006

COOPERATION
 United Arab Emirates Last Updated: September 2021

Multilateral Agreements

Arab Convention on Combating Information Technology Offences

Ratified

Source Source 2

Bilateral and Multilateral Cooperation

Memorandum of Understanding, India-UAE

Directorate General of Criminal Security, Ministry of Interior, and the State Security Department
Technical cooperation in cyber space and combating cyber-crime
Source
February 2016

Membership

International Telecommunications
Union (ITU)

Organisation of Islamic Cooperation

(OIC)

United Nations (UN)