The UAE Cyber Security Council (CSC) announced a cluster of operational technology (OT) cybersecurity partnerships at the Make it in the Emirates 2026 forum in Abu Dhabi, establishing a coordinated, multi-vendor framework that industry observers say sets a regional template for standardized industrial security governance.

Background

The UAE Cyber Security Council partnered with Dragos Inc. to establish an OT Cyber Security Centre of Excellence (CoE) in the UAE under the Make it in the Emirates initiative, marking a significant step in advancing national cyber resilience and digital sovereignty. The partnership supports efforts to localize advanced cybersecurity capabilities, accelerate innovation, and develop a skilled cyber workforce.[1] The announcement on May 4, 2026 was the first of several OT-focused agreements unveiled across the forum.

Across the GCC, organizations face a steadily evolving threat environment shaped by digital transformation, increased connectivity, and rising geopolitical complexity. Cybersecurity strategies are being tested not only for technical strength but also for their ability to support resilience at scale. Dragos threat intelligence adds specific urgency to the Gulf context: the PYROXENE threat group, assessed to have substantial technical overlap with Iran's IRGC Cyber Electronic Command, targets aviation, aerospace, defense, and maritime sectors across the U.S., Western Europe, Israel, and the United Arab Emirates, according to Dragos's 2026 OT/ICS Cybersecurity Year in Review. The group conducts supply chain compromises and social engineering campaigns, leveraging initial access to enable lateral movement from IT into OT networks.

Details

Robert M. Lee, CEO and co-founder of Dragos, stated that "the same threat groups we track globally are active here," describing the CoE as a direct response to real and growing threats facing industrial and critical infrastructure across the UAE and the broader Gulf region. The facility provides a specialized OT environment where professionals can simulate real-world cyberattack and defense scenarios, gaining hands-on expertise in OT and industrial control systems (ICS) security.

Dr. Mohamed Al Kuwaiti, Head of Cybersecurity for the UAE Government, tied the CoE initiative directly to an "unprecedented surge in cyberattacks targeting critical infrastructure," describing the centers as platforms that enable proactive anticipation of cyber threats while providing mechanisms for continuous monitoring and early detection of anomalous behavioral patterns before incidents escalate.

The Dragos agreement was followed the next day by a complementary announcement. On May 5, 2026, the UAE Cybersecurity Council and Nozomi Networks announced a strategic collaboration aimed at strengthening the cybersecurity resilience of UAE critical infrastructure, supporting deeper visibility, advanced threat detection, and intelligence-driven security across energy, utilities, transportation, manufacturing, and smart infrastructure. The collaboration extends to establishing an Innovation and Excellence Center in Abu Dhabi, intended as a national platform to accelerate innovation, enhance resilience, and strengthen industrial cybersecurity readiness.

A third agreement followed on May 7, 2026, when the UAE Cyber Security Council and Siemens signed a Memorandum of Understanding (MoU) to deepen cooperation in cybersecurity across critical infrastructure and industrial sectors. The MoU establishes a strategic framework for joint action on cyber defense, knowledge sharing, and the development of locally hosted security capabilities. Under the agreement, the two parties intend to deploy a Security Information and Event Management (SIEM) platform within the UAE using national cloud infrastructure to ensure data sovereignty and operational proximity. They also plan to share intelligence on information security risks, malware propagation, and indicators of compromise, while coordinating advisory support and joint working groups during cybersecurity incidents.

Honeywell was also announced as a Make it in the Emirates 2026 partner. The CSC and Honeywell agreed to enhance cybersecurity readiness by localizing cyber services, advancing capacity-building initiatives, and supporting the development of cyber policies aligned with national frameworks. The collaboration will leverage combined advanced technologies implemented at the UAE's National Security Operations Centre (NSOC) to drive OT cyber solutions for critical industrial infrastructure.

The broader threat landscape reinforces the scale of the challenge these partnerships address. Dragos tracked 119 ransomware groups impacting 3,300 industrial organizations in 2025, a 49 percent year-over-year increase from 80 groups in 2024, with manufacturing accounting for more than two-thirds of victims, according to Dragos's 2026 annual report. Dragos also determined that 25 percent of ICS-CERT and NVD vulnerability advisories contained no patch or mitigation from vendors in 2025, underscoring the gap that shared threat intelligence programs aim to close.

Outlook

The initiative reflects a public-private collaboration model aimed at building sustainable cyber capabilities and reinforcing the UAE's position in cybersecurity. It seeks to establish the UAE as a regional and global hub for cybersecurity excellence, aligning with national strategies to strengthen critical infrastructure protection and technological leadership.[2] For OT operators and vendors across the Gulf, the convergence of multiple vendor CoEs under a single national council signals a move toward standardized governance frameworks - with cross-border threat intelligence sharing and locally anchored security operations centers emerging as the primary structural mechanisms. Whether the model produces interoperable standards that extend to GCC neighbors will depend on the protocols and data-sharing agreements each center develops in its next operational phase.