emirates7 - The UAE Cyber Security Council (CSC) held a specialised Crisis Simulation Exercise on Monday in cooperation with Immersive, a company specialising in human-centric cyber resilience development, to strengthen the cyber readiness of government entities across the country.
The exercise comes amid the current circumstances facing the nation, which require sustained and strengthened preparedness across all cyber domains to protect the country’s digital infrastructure from potential threats and attacks.
During the exercise, the council’s teams and Immersive experts conducted an advanced cyber simulation focusing on ways to confront, respond to, and halt a potential disruptive cyberattack targeting shared government services and critical infrastructure.
The exercise aimed to elevate the cyber readiness of all participants by delivering a realistic threat simulation that required key decision-making under pressure, thereby helping build effective response capabilities.
The simulation tested best practices in incident response, threat intelligence and business continuity management, while assessing the effectiveness of existing plans in addressing evolving cyber threats, from initial signs of suspicion to full operational disruption.
The exercise also underscored the importance of effective communication, as it focused on ensuring that incident-response policies and procedures were clearly conveyed to all participants, particularly regarding communication mechanisms, designated points of contact, and the rapid and secure exchange of information among relevant entities.
Dr. Mohammed Hamad Al Kuwaiti, Head of Cybersecurity for the UAE Government, affirmed that the council continues its efforts to protect and secure the nation’s cyberspace under all circumstances. He emphasised the council’s ability, in cooperation with all relevant entities, to safeguard the country’s cyberspace and digital assets and to strengthen the stability of its institutions in all situations.
He added that cyber awareness among individuals remains a key component of the national cybersecurity framework, describing people as the first line of defence against cyber threats.
Dr. Al Kuwaiti noted that the cyber exercise aims to better understand the current capabilities and readiness of relevant entities by identifying gaps and areas for improvement based on the teams’ performance, measured through data-driven insights during the simulation. Each step and interaction was monitored to extract lessons learned that contribute to refining strategies and strengthening coordination among technical, operational, and leadership functions.
The exercise scenarios conducted with Immersive focused on a shared services entity affiliated with the UAE government and critical infrastructure being subjected to a sophisticated cyberattack attributed to an international actor.
The simulated attack began as suspicious activity that initially appeared manageable but gradually escalated into a large-scale crisis threatening the continuity of core operations. This posed a challenge to the organisation’s ability to understand the nature of the threat, contain it effectively, maintain essential services, and coordinate a cohesive strategic response under severe time pressure and incomplete information.
Participants were required to assess evolving information, coordinate across technical, operational and leadership teams, and balance incident response with maintaining essential services.
The exercise also involved a range of key and supporting roles to ensure comprehensive coverage of all aspects. The Security Operations Centre (SOC) analyst assumed the primary role in early detection and analysis, while responsibilities were precisely defined to strengthen the overall incident response. The Chief Information Security Officer (CISO) played a central role in guiding policies and strategic decisions, while the business continuity team supported operational efforts. An additional supporting role for the CISO was also included to facilitate coordination across different organisational levels.
The exercise relied on a customised crisis simulation model replicating a targeted attack on shared services, with a focus on complex networks and interconnections between critical systems.
The exercise will result in a detailed report identifying vulnerabilities and proposing improvement plans to enhance national preparedness against advanced cyber threats, reflecting the UAE’s commitment to building a robust cybersecurity ecosystem that protects government services and critical infrastructure.
The exercise comes amid the current circumstances facing the nation, which require sustained and strengthened preparedness across all cyber domains to protect the country’s digital infrastructure from potential threats and attacks.
During the exercise, the council’s teams and Immersive experts conducted an advanced cyber simulation focusing on ways to confront, respond to, and halt a potential disruptive cyberattack targeting shared government services and critical infrastructure.
The exercise aimed to elevate the cyber readiness of all participants by delivering a realistic threat simulation that required key decision-making under pressure, thereby helping build effective response capabilities.
The simulation tested best practices in incident response, threat intelligence and business continuity management, while assessing the effectiveness of existing plans in addressing evolving cyber threats, from initial signs of suspicion to full operational disruption.
The exercise also underscored the importance of effective communication, as it focused on ensuring that incident-response policies and procedures were clearly conveyed to all participants, particularly regarding communication mechanisms, designated points of contact, and the rapid and secure exchange of information among relevant entities.
Dr. Mohammed Hamad Al Kuwaiti, Head of Cybersecurity for the UAE Government, affirmed that the council continues its efforts to protect and secure the nation’s cyberspace under all circumstances. He emphasised the council’s ability, in cooperation with all relevant entities, to safeguard the country’s cyberspace and digital assets and to strengthen the stability of its institutions in all situations.
He added that cyber awareness among individuals remains a key component of the national cybersecurity framework, describing people as the first line of defence against cyber threats.
Dr. Al Kuwaiti noted that the cyber exercise aims to better understand the current capabilities and readiness of relevant entities by identifying gaps and areas for improvement based on the teams’ performance, measured through data-driven insights during the simulation. Each step and interaction was monitored to extract lessons learned that contribute to refining strategies and strengthening coordination among technical, operational, and leadership functions.
The exercise scenarios conducted with Immersive focused on a shared services entity affiliated with the UAE government and critical infrastructure being subjected to a sophisticated cyberattack attributed to an international actor.
The simulated attack began as suspicious activity that initially appeared manageable but gradually escalated into a large-scale crisis threatening the continuity of core operations. This posed a challenge to the organisation’s ability to understand the nature of the threat, contain it effectively, maintain essential services, and coordinate a cohesive strategic response under severe time pressure and incomplete information.
Participants were required to assess evolving information, coordinate across technical, operational and leadership teams, and balance incident response with maintaining essential services.
The exercise also involved a range of key and supporting roles to ensure comprehensive coverage of all aspects. The Security Operations Centre (SOC) analyst assumed the primary role in early detection and analysis, while responsibilities were precisely defined to strengthen the overall incident response. The Chief Information Security Officer (CISO) played a central role in guiding policies and strategic decisions, while the business continuity team supported operational efforts. An additional supporting role for the CISO was also included to facilitate coordination across different organisational levels.
The exercise relied on a customised crisis simulation model replicating a targeted attack on shared services, with a focus on complex networks and interconnections between critical systems.
The exercise will result in a detailed report identifying vulnerabilities and proposing improvement plans to enhance national preparedness against advanced cyber threats, reflecting the UAE’s commitment to building a robust cybersecurity ecosystem that protects government services and critical infrastructure.
الرجاء الانتظار ...