The increased connectivity of cyberspace has led to significant transformations, economies of scale and efficiencies across the UAE - and around the world. It has also increased the complexity of our shared cybersecurity threats. As a global leader in ICT adoption, the UAE confronts a dangerous combination of known and unknown vulnerabilities in cyberspace. In addition, threats (natural and man-made, deliberate, and unintentional) are rapidly becoming more diverse and capable, increasing both the frequency, sophistication, magnitude, and consequences of cybersecurity incidents.

There is a growing awareness of cybersecurity risk and its implications for national and international security. The sharing or exchange of cybersecurity information is therefore seen as an increasingly critical component in reducing cybersecurity risks across the UAE government and Critical Information Infrastructure (CII).

The Council has developed this framework to establish a National Cybersecurity Information Sharing Framework to promote and institutionalize cybersecurity information sharing and collaboration across multiple stakeholders. This framework is aligned with the UAE’s national priority to be a global leader in cyber security and will enhance the security posture of organizations and individuals across the UAE.

Cyber Security Information Sharing Framework Overview 

Focuses on the integration of people, processes, and technology to create a decentralized, distributed, and coordinated environment for exchanging information among stakeholders. It covers governance and working group mechanisms, rules for sharing, and secure platforms for timely information exchange.
 

Information Sharing Framework Elements 

Highlights various types of information shared within cybersecurity exchanges, influenced by the stakeholders' perspectives and technical capabilities. It highlights different exchange models such as voluntary sharing and mandatory disclosure, and the methods used for information exchange within the UAE, which can be manual or automated.

Outlines roles of government ministries, authorities, and institutions that operate critical systems. The CSC leads in developing and maintaining a trusted information-sharing environment. It outlines responsibilities such as gathering and analyzing information, developing sharing mechanisms, promoting international partnerships, and managing access to the information-sharing platform.