The UAE Cyber Security Council used Abu Dhabi's Make it in the Emirates 2026 forum to launch a coordinated cluster of public-private partnerships aimed at institutionalizing operational technology (OT) cyber governance across the Gulf's critical infrastructure sectors.

Background

The newly released UAE National Cyber Security Strategy 2025-2031 signals the end of a permissive era for digital governance, introducing strict approvals, supply-chain checks, and industry-specific rules that will significantly reshape organizational legal obligations. The rollout of the National Cyber Accreditation Programme (NCAP) during 2026 will begin restricting the use of unaccredited cybersecurity service providers for critical information infrastructure. Against that regulatory backdrop, Group-IB's High-Tech Crime Trends 2025 report documents a 44% increase in underground recruitment efforts by ransomware affiliates targeting GCC countries.

The forum's cybersecurity agenda spanned five separate agreements covering OT simulation environments, threat intelligence sharing, locally hosted security infrastructure, post-quantum cryptography migration, and AI-governance frameworks - a scope reflecting the Council's intent to treat industrial cyber resilience as a national economic priority rather than a compliance exercise.

Details

The most operationally focused agreement pairs the Council with industrial cybersecurity firm Dragos Inc. Under the partnership, Dragos will provide a specialized OT environment where professionals can simulate real-world cyberattack and defense scenarios, supporting efforts to localize advanced cybersecurity capabilities, accelerate innovation, and develop a skilled cyber workforce. Robert M. Lee, CEO and co-founder of Dragos, said "the same threat groups we track globally are active here," citing rising pressure on industrial and critical infrastructure across the wider Gulf region.

Separately, the Council and Siemens signed a Memorandum of Understanding (MoU) to secure OT environments across the UAE's industrial landscape, establishing a strategic framework for joint cyber defense, knowledge sharing, and locally hosted security capabilities. Beyond technology deployment, the MoU establishes a framework for ongoing information exchange and joint incident response. The parties intend to share intelligence on security risks, malware propagation, and indicators of compromise, and to coordinate joint working groups during cybersecurity incidents. Siemens brings a global team of more than 1,300 cybersecurity experts handling over 1,000 incidents every month to the arrangement.

The Council also announced a strategic collaboration with Nozomi Networks focused on providing deeper visibility, advanced threat detection, and intelligence-driven security for critical national assets across energy, utilities, transportation, manufacturing, and smart infrastructure. The collaboration includes establishing an Innovation and Excellence Center in Abu Dhabi that will function as a hub for R&D, supporting the development of advanced solutions and high-impact research in industrial cybersecurity.

IBM and the Council announced plans to establish a joint Innovation Center in Abu Dhabi to help accelerate the UAE government's agenda for trusted AI, cybersecurity, and next-generation digital innovation. Honeywell's collaboration with the Council will advance cybersecurity readiness by localizing cyber services and supporting the development of forward-looking cyber policies, with combined advanced technologies to be deployed at the UAE's National Security Operations Centre (NSOC) to drive OT cyber solutions for critical industrial infrastructure.

Mohamed Al Kuwaiti, Head of Cybersecurity for the UAE Government, stated that efforts to establish Centers of Excellence "come amid an unprecedented surge in cyberattacks targeting critical infrastructure," describing the centers as platforms enabling proactive threat anticipation, continuous monitoring, and early detection of anomalous behavioral patterns before incidents escalate.

The governance implications extend beyond capability building. The UAE's Secure Supply Chain Program, aligned with global best practices, moves the country toward requiring Software Bill of Materials (SBOM) transparency for government procurement. Organizations must also audit their supply chains to ensure managed security service providers and cloud vendors hold the necessary UAE accreditation.

Outlook

The agreements remain frameworks rather than finished operating models, and their impact will depend on execution - how quickly joint centers stand up, how information-sharing rules are structured, how industrial operators are onboarded, and whether smaller suppliers gain access to practical support. The Council also expanded its partnership with the Advanced Technology Research Council (ATRC) to accelerate the UAE's transition toward post-quantum cybersecurity, including deployment of QuantumGate's Crypto Discovery Tool, cryptographic libraries developed by the Technology Innovation Institute, and entanglement-based Quantum Key Distribution technologies. For OT and ICS operators evaluating their own cyber posture, an earlier analysis of the Dragos 2026 OT threat landscape documents the persistent visibility gaps these Gulf-region initiatives are designed to address at a national scale.