close icon

Cyber Incident Response Plan

Critical Information Infrastructure (CII) in the United Arab Emirates extends across multiple infrastructure sectors and supports essential government and private sector functions, missions, and innovation. As an aspiring global leader in the use of information and communications technology, the UAE is home to ministries, authorities, institutions, businesses, citizens, and residents that are increasingly vulnerable to cyber incidents. The spectrum of threats is wide and evolving, including natural and manmade, deliberate, and unintentional events that can be cross-jurisdictional (i.e., cross-Emirate), cascading across multiple systems and impacting our government, businesses, citizens, and residents.

As global examples repeatedly demonstrated, cyber incidents can quickly increase in scope and severity, defeat individual response measures and cause harm to critical national services. As threats propagate and preventative and protective measures sometimes fail, an incident can rapidly escalate and become a significant cyber incident. This term is used to describe incidents that require national-level intervention, communication and coordination involving multiple stakeholders to be rapidly and effectively resolved to protect the UAE’s cyberspace and ultimately its government, private sector, and citizens.

The Cyber Incident Response Framework (CIRF) and Plan (CIRP) support the implementation of the National Cybersecurity Strategy by establishing a national incident management capability and defining how the UAE will prepare for, protect against, detect, respond to, recover, and continuously learn from significant cyber incidents.

Its aim is to provide guidance on activities performed collectively by affected stakeholders of the UAE cyber ecosystem, including those at the entity, sector, and federal levels. The main goal of the CIRP is to operationalize the strategic vision for a national cyber incident management capability as laid out by the CIRF and to make sure its strategic purpose is achieved in enabling the UAE to maintain the stability of its cyberspace and to respond to significant cybersecurity incidents as defined by the Cyber Incident Alert Schema