The UAE Cyber Security Council (CSC) signed four operational technology (OT) cybersecurity agreements with major industrial vendors in the first week of May 2026, marking a coordinated shift toward multi-vendor governance of the country's critical infrastructure networks. The pacts - involving Dragos, Nozomi Networks, Siemens, and Honeywell - were announced in rapid succession and collectively establish a framework for shared asset visibility, threat intelligence exchange, and joint incident response across OT environments.

Background

The agreements align with the UAE's National Cybersecurity Strategy 2025-2031, which prioritizes cohesive governance, regulatory harmonization, and public-private partnership as pillars of national cyber resilience. UAE authorities have long maintained that accelerating IT/OT convergence across energy, utilities, and manufacturing sectors has expanded the national attack surface. That assessment now has documented backing: Dragos's 9th Annual OT Cybersecurity Year in Review, published in early 2026, found that industrial adversary activity shifted from reconnaissance toward attempted operational effects throughout 2025, and that ransomware incidents targeting industrial organizations rose 64% year over year, with 119 groups affecting roughly 3,300 organizations. The Middle East has not been exempt - Dragos previously identified the MAGNALLIUM threat group as targeting oil and gas, satellite communications, and government entities in the UAE.

The CSC has operated a multi-stakeholder model since its establishment in November 2020, coordinating cybersecurity standards, regulatory frameworks, and international partnerships. The Make it in the Emirates initiative, under which several of the new agreements were formalized, adds a localization dimension: each vendor is expected to contribute in-country capability development, not just technology deployment.

Details

The UAE Cyber Security Council partnered with Dragos Inc. to establish an OT Cyber Security Centre of Excellence under the Make it in the Emirates initiative. The centre will strengthen cyber resilience by localizing advanced security capabilities, offering a specialized OT environment where professionals can simulate real-world cyberattack and defense scenarios and gain hands-on expertise in OT and industrial control systems (ICS) security.

One day later, the CSC and Nozomi Networks announced a strategic collaboration to strengthen cybersecurity resilience across the UAE's critical infrastructure and industrial sectors. The collaboration extends beyond a bilateral partnership to include an Innovation and Excellence Center in Abu Dhabi, intended as a national platform for OT and IoT cybersecurity innovation and industrial readiness.

On May 7, the CSC and Siemens signed a Memorandum of Understanding (MoU) to deepen cooperation in cybersecurity across critical infrastructure and industrial sectors, with the goal of securing OT environments throughout the UAE's industrial landscape. Beyond technology deployment, the MoU establishes a framework for ongoing information exchange and joint incident response, with both parties committing to share intelligence on security risks, malware propagation, and indicators of compromise. The agreement also includes phased expansion of UAE-based Security Operations Center (SOC) capabilities and explores deployment of Siemens' SINEC Guard solution on UAE cloud infrastructure.

The Honeywell agreement, announced on May 6, focuses on centralized deployment: advanced technologies will be implemented at the UAE's National Security Operations Centre to deliver OT cyber solutions aimed at safeguarding critical industrial infrastructure.

Officials framed the cluster of agreements explicitly as a surge-response measure. Dr. Mohamed Al Kuwaiti, Head of Cybersecurity for the UAE Government, stated that collaboration with international partners to establish Cybersecurity Centres of Excellence comes amid a surge in cyberattacks targeting critical infrastructure. Dragos CEO Robert M. Lee said that "the same threat groups we track globally are active" in the UAE and broader Gulf region.[1]

For asset owners operating multi-vendor industrial environments, the governance implications are direct. Dragos's field engagements found that 45% of OT service engagements involve a lack of visibility across OT networks, making detection, triage, and response difficult at scale. The UAE's framework addresses this gap by routing threat intelligence through shared platforms and mandating joint working group participation during security incidents - a mechanism explicitly included in the Siemens MoU. Siemens brings a global team of more than 1,300 cybersecurity experts handling over 1,000 incidents per month to support the cross-border incident response architecture.

Outlook

The concentration of agreements under a single national initiative signals regulatory intent beyond voluntary partnerships. Dr. Al Kuwaiti described the Siemens collaboration as "part of the implementation of our National Cybersecurity Strategy to enhance our ability to detect, respond to, and recover from cyber threats across all sectors." Plant managers and OT system architects in sectors covered by these agreements - energy, utilities, manufacturing, and transportation - should anticipate new reporting requirements aligned with the joint incident response frameworks now being formalized. The National Cyber Security Strategy 2025-2031 forms part of a broader development agenda outlined in the UAE's Centennial Plan and the "We the UAE 2031" Vision, suggesting the governance trajectory will intensify rather than plateau. Vendors operating in UAE industrial markets will likely need to align product roadmaps with the shared data formats and open interfaces required to connect to the centralized SOC and SIEM infrastructure now under development.