"Dubai Cyber Security Strategy"

His Highness Sheikh Mohammed bin Rashid Al Maktoum, Vice President and Prime Minister of the United Arab Emirates, and Ruler of Dubai, with the attendance of His Highness Sheikh Hamdan bin Mohammed bin Rashid Al Maktoum, Crown Prince of Dubai, and Chairman of the Executive Council, and His Highness Maktoum bin Mohammed bin Rashid Al Maktoum, Deputy Ruler of Dubai, launched the “Dubai Cyber Security Strategy” that aims to strengthen Dubai’s position as a world leader in innovation, safety and security. The strategy focuses on the following domains:

•  Cyber smart society

•  Innovation

•  Cyber Security 

•  Cyber Resilience

•  National and International collaboration

The strategy is a great advancement from the earlier strategies, as it focuses heavily on the security and connectivity of smart cities with connected system and services. It also focuses on the upcoming cyber security challenges for the next decade.

This strategy gives more importance on moving towards a cyber-centred society which is technology-savvy with clear responsibilities towards cyber hygiene. This includes the government and private entities implementing secured services, consumers accessing the services in a secured manner and also the government’s monitoring activities to ensure that the security of the services is always guaranteed. 

The strategy also established based on moving towards innovation, which encourages the organisations and entrepreneurs to think out of the box and create better secured services and solution with improvements in quality and reach.

As per the new framework, public-private partnership is the way to go when preparing a country level cyber strategy as both play equal and important roles for the same. The role for the government is to create and enforce the necessary laws, policy and infrastructure to ensure a fair and just environment for the private sector to introduce new services which secure the cyber assets and interests of the country. The country should be focusing more on the next generation challenges related to cyber and information security laws, data transfer and data encryptions’ regulations. Also awareness campaigns for the general public will be helpful. 

Furthermore, the role UAE CERT (Computer Emergency Response Team) should also be increased to move from a country wide to a regional role. Private organizations should also be part of the interaction to ensure that the laws and regulations are investor and technology friendly and encourage secure environments.

Although the data privacy laws are meant to protect the individuals, they have profound implications of how to enforce them and ensure compliance. When they are formulated and created, the way to implement them must be considered in order to facilitate and ensure compliance. This includes creating awareness campaigns among different user groups and provide them with incentives to move towards the new regulations before making the regulation a mandate. The mitigation of upcoming and potential risks should be added to the data privacy laws. Also the laws can be updated to encourage a more open data security environment where companies should be mandated to disclose (controlled/limited) details about any cyber security breach in a given time so that the same can be made available for the other organisations, giving them a chance to be secured against similar threats.

GDPR is also having a great influence on how the companies do their business globally. The same is being witnessed in Dubai where the organisations are changing their policies and processes to incorporate the stringent requirements related to GDPR.