Dubai Electronic Security Center (DESC) has launched an Industrial Control Systems (ICS) Security Standard for the emirate.
The new ICS Security Standard was introduced by Amer Sharaf, Director of Compliance, Support and Alliances at DESC; and Dr. Bushra Al Blooshi, Deputy Director of Information Services Department at DESC.
According to the DESC, the implementation of the ICS Security Standard by relevant government and private entities in Dubai will help provide a new and improved framework for Industrial Security and ensure minimal risk framework to fortify the industrial sector’s digital infrastructure against rise in cyber-attacks on this sector globally.
Dr. Al Blooshi noted the valuable cooperative efforts of various government entities such as ENOC, Dubai Electricity and Water Authority (DEWA), Dubai Airports and The Roads and Transport Authority (RTA) which were key in co-developing and implementing the new ICS Security Standard.
“These entities’ rich expertise and comprehensive knowledge in industrial systems processes helped in enabling the drafting and implementation of the standard,” said Dr. Al Blooshi.
The initial framework of the new standard’s regulation has evolved from a series of workshops with relevant stakeholders in order to give it a thorough examination, equate them with other leading ICS security standards and emphasise the key differences between the information technology security controls and those related to Industrial control systems and operational technologies. Additionally, the (ICS) Standard has been benchmarked against internationally recognised standards
Dr Al Blooshi added, “The UAE is committed to lead in the race towards digital transformation by adapting Artificial intelligence (AI) tools, the application of Internet of Things (IOT) and other smart technologies, especially ones that rely on 5G networks”.
She also noted that this commitment makes the observance of the latest security standards a crucial step towards protecting digital data across all sectors and at all cost.
The conference highlighted the principal challenges and primary security controls implemented within operational technology departments in Dubai’s industrial sector. Emphasising the role of participating entities in evaluating those challenges and recommending innovative ways to identify and implement the best ICS security controls to eliminate any concerns that may arise in the future.
Speaking about DESC’s strategy in implementing the new standards, Sharaf said that the launch of the new ICS Security Standards comes in line with the vision of Sheikh Mohammed bin Rashid Al Maktoum, the Vice President, Prime Minister, and Ruler of Dubai, to position Dubai as the leader in the cybersecurity sector and amongst the safest cities in cyberspace.
“It also aligns with DESC’s strategy of applying the best security standards to promote the safety of information systems and enable it to confront and tackle challenges in this domain”.
He also underlined DESC’s role in supporting government entities in enabling them to accelerate their projects’ growth while maintaining highest levels of electronic security standards within safe and stable environments. “It is important to mention that the methodologies and tools for safeguarding industrial control standards. We are proud to jointly collaborate with government entities as one team in order to strengthen Dubai’s position as a leader in innovation, safety, and security,” he added.
According to DESC, the workshops focused on the implementation and management of Information Security Regulation (ISR) Governance of operational technologies (OT) in addition to the drafting of the new ICS Security Controls, the review of governance of OT security and how to utilise ISR standard, consolidating parameters to consider when planning for implementation of the proposed ICS security controls standard and Information Security Regulation (ISR). The workshops also reviewed the research studies with University of Dubai in relation to the ICS security controls standard.
A series of interactive discussion sessions with each of the government bodies took place in those workshops to identify core challenges and formulate a collective consensus for the operational technology’s departments’ within these entities. Each entity participated progressively in drafting the ICS standard, while feedback and advisory propositions from all participating stakeholders were received and considered in its development.
