The UAE Cyber Security Council (CSC) and industrial cybersecurity firm Dragos Inc. have established an Operational Technology (OT) Cybersecurity Centre of Excellence (CoE) in the UAE, marking one of the most concrete government-industry commitments to industrial control systems (ICS) defense in the Gulf region. The announcement was made on May 4, 2026, under the UAE's "Make it in the Emirates" (MIITE) initiative. The centre aims to strengthen national cyber resilience by localizing advanced security capabilities, accelerating innovation, and developing a skilled cybersecurity workforce to protect critical infrastructure.

Background

The partnerships announced during MIITE 2026 arrive as governments and enterprises worldwide confront rising cyber threats targeting industrial systems, cloud infrastructure, AI environments, and operational technologies. The threat landscape for Gulf-region infrastructure is directly reflected in Dragos's intelligence reporting. Threat group Pyroxene, which expanded operations from the Middle East into North America and Western Europe beginning in 2023, was observed between 2024 and 2025 targeting aviation, aerospace, defense, and maritime sectors across the U.S., Western Europe, Israel, and the United Arab Emirates. More broadly, Dragos tracked 119 ransomware groups impacting 3,300 industrial organizations in 2025, a 49 percent increase from 80 groups in 2024, with manufacturing accounting for more than two-thirds of victims.

The CoE represents a step toward advancing national cyber resilience and digital sovereignty, with the initiative aiming to position the UAE as a regional and global hub for cybersecurity excellence. The announcement is part of a broader set of OT-focused agreements signed at MIITE 2026: the UAE CSC also signed a Memorandum of Understanding with Siemens to strengthen OT cybersecurity across the UAE's industrial sectors, including plans for a Joint Innovation Centre of Excellence dedicated to OT cybersecurity research, talent development, and solution deployment. That agreement also explores locally hosted security infrastructure and Security Operations Centre (SOC) capability expansion.

Details

Through the partnership, Dragos will provide a specialized OT environment where professionals can simulate real-world cyberattack and defense scenarios, building expertise in OT and ICS security. The facility is intended to go beyond training. Dr. Mohamed Al Kuwaiti, Head of Cybersecurity for the UAE Government, stated that the collaboration with international partners to establish Cybersecurity Centres of Excellence comes amid a surge in cyberattacks targeting critical infrastructure, and that these centres serve as advanced platforms enabling proactive threat anticipation, continuous monitoring, and early detection of cyber incidents.

Robert M. Lee, CEO and co-founder of Dragos, noted that "industrial and critical infrastructure in the UAE and the broader Gulf region faces real and growing threats, and the same threat groups we track globally are active here." Under the parallel Siemens agreement, the parties intend to share intelligence on information security risks, malware propagation, and indicators of compromise, and will collaborate on advisory assistance during cybersecurity incidents through joint working groups staffed by experts from both organizations.

The CoE's design addresses a persistent structural deficit identified in Dragos's fieldwork. Threat groups are gaining access to industrial environments and positioning for operational impact, but compromise typically becomes visible only after process anomalies surface. Many organizations lack the visibility to detect reconnaissance, lateral movement, and data exfiltration before adversaries achieve their objectives. Dragos determined that 25% of ICS-CERT and NVD vulnerabilities had incorrect CVSS scores in 2025, and 26% of advisories contained no patch or mitigation from vendors.

Outlook

The Centre of Excellence supports the UAE's ambition to localize advanced cybersecurity capabilities, accelerate homegrown innovation, and build a world-class cyber workforce. Whether the CoE model is replicated elsewhere will likely depend on its ability to codify threat intelligence sharing and OT defense benchmarks in a form that regional supply chain partners - including manufacturers, energy operators, and logistics firms - can operationalize. H.E. Dr. Mohamed Al Kuwaiti stated that the collaboration forms part of the country's National Cybersecurity Strategy and aims to strengthen the UAE's ability to detect, respond to, and recover from cyber threats across sectors.