The UAE Cyber Security Council (CSC) and Dragos Inc. have established an Operational Technology (OT) Cyber Security Centre of Excellence (CoE) in the UAE, formalizing a public-private collaboration to harden the country's industrial control systems against escalating cyber threats. The partnership was announced on May 4, 2026, under the UAE's Make it in the Emirates initiative.
Background
The initiative arrives amid a deteriorating threat environment. As of February 18, 2026, UAE authorities were intercepting 90,000 to 200,000 cyberattacks per day, with more than 70% linked to state-sponsored threat actors. Following military operations in the broader Middle East conflict, daily breach attempts surged further, with the current average ranging between 600,000 and 800,000 attempts, according to Mohamed Al Kuwaiti, chairman of the UAE Cyber Security Council. In 2024, the UAE accounted for 12% of all cyberattacks in the MENA region, making it the second most targeted country in the region.
UAE energy and utility providers face state-sponsored attackers targeting OT assets, mirroring global sabotage trends but carrying higher geopolitical stakes. The country's National Cyber Security Strategy (2025-2031) responds by shifting focus from capacity building to active defense, structured around five strategic pillars.
The Dragos partnership is one of several agreements the CSC concluded at the Make it in the Emirates 2026 event. A Memorandum of Understanding with Siemens was also signed, covering OT cybersecurity across industrial sectors, with plans to establish a Joint Innovation Centre of Excellence for OT research, talent development, and solution deployment. Earlier the same month, the UAE Cybersecurity Council and Nozomi Networks announced a collaboration spanning OT and IoT environments across energy, utilities, transportation, manufacturing, and smart infrastructure.
Details
The CoE is designed to strengthen cyber resilience by localizing advanced security capabilities and building a skilled workforce. The facility offers a specialized OT environment where professionals can simulate real-world attack-and-defense scenarios, gaining hands-on expertise in OT and industrial control systems (ICS) security.
Dragos CEO and co-founder Robert M. Lee attributed the project's urgency to active threat group presence in the region. Lee stated that industrial and critical infrastructure in the UAE and the wider Gulf face growing threats from global threat groups, and that the CoE "will enable operators to understand how OT environments are monitored, how threats are detected, and how effective defence is implemented in practice."
Dr. Mohamed Al Kuwaiti, Head of Cybersecurity for the UAE Government, stated that the collaboration with international partners to establish Centres of Excellence "comes amid a surge in cyberattacks targeting critical infrastructure," adding that the centers "serve as advanced platforms that enable proactive threat anticipation, continuous monitoring, and early detection of cyber incidents."
The CoE aims to advance national cyber resilience and digital sovereignty, with the stated goal of positioning the UAE as a regional and global hub for cybersecurity excellence aligned with critical infrastructure protection strategies.
The center is intended to localize advanced cybersecurity capabilities, strengthen industrial resilience, and accelerate homegrown innovation. Dragos says the facility will provide practitioners with a real-world OT environment to run attack-and-defense scenarios and build OT and ICS security skills.
Outlook
The UAE's rollout of the National Cyber Accreditation Programme (NCAP) during 2026 will begin restricting unaccredited cybersecurity service providers from operating on critical information infrastructure. This regulatory shift is expected to increase demand for domestically anchored OT security capabilities of the kind the CoE provides. The Middle East and Africa cybersecurity market is projected to grow from USD 3.27 billion in 2025 to USD 6.54 billion by 2031, reflecting a 12.23% compound annual growth rate, driven in part by rising OT threats to regional energy assets. Whether the UAE model-pairing a government cybersecurity mandate with a specialized industrial security vendor-will be replicated across other Gulf Cooperation Council states remains a near-term question for the region's industrial security community.
