The Dubai Electronic Security Center (DESC), part of Digital Dubai, hosted a workshop for the private sector to discuss the Cyber Force Program, launched as a collaboration between DESC and CREST  an international not-for-profit, membership body representing the global cyber security industry.


The workshop focused primarily on certification of penetration testing and incident response individuals, in addition to introducing the criteria DESC identified in collaboration with CREST to approve cybersecurity companies to provide their services to the Dubai Government.


To obtain DESC’s approval, service providers must have the necessary skills and competencies required and must be in compliance with Dubai laws. Approval from the Dubai Electronic Security Center will provide a higher level of assurance and confidence  in these companies that are providing services to the government.


His Excellency Yousuf Al Shaibani , CEO of the  Dubai Electronic Security Center, said: “The Dubai Electronic Security Center is committed to supporting the Dubai Government in its ambitious plans to establish the Emirate as a world leader in innovation, digital transformation, and cybersecurity. We strive to play our part in positioning Dubai as one of the safest cities in cyberspace, as the Emirate moves forward with its plans to digitalize every aspect of life for its citizens, residents, and visitors.”


“Dubai Electronic Security Center’s collaboration with CREST to introduce the Cyber Force Program – and our role in setting criteria for companies looking to engage with Dubai Government entities – was a notable milestone in implementing the Dubai Cyber Security Strategy, where international collaboration is outlined as a key guiding principle,” Al Shaibani  added. “The workshop raised awareness within the private sector about the core tenets of the Program, as well as the criteria that we, at DESC, use to ensure the quality of cyber service provision to Dubai government entities, in an effort to bring them on board with our cybersecurity plans and standards.”


Mr. Rowland Johnson, the President of CREST International, said: "CREST is proud to support the introduction of the Dubai Cyber Force program alongside our partners at DESC, which has already stimulated considerable interest amongst our member companies with a number starting the process to have their cyber professionals approved to the program with the opportunity to extend their ability to offer services in Dubai. 


"The Cyber Force program signifies the Dubai government's commitment to ensuring the quality of cyber security services in the Emirate, and it aligns with our continued mission to build global cyber capability while stimulating and facilitating further cooperation across the cyber security industry."  The Cyber Force Program was launched following an agreement signed by DESC and CREST at Gulf Information Security Expo and Conference (GISEC) 2023, and was designed to regulate government, semi-government, and Critical Information Infrastructure (CII) entities’ engagement with cybersecurity service providers.


The program allows DESC to assess and accredit service providers delivering cybersecurity services to Dubai Government entities, semi-government entities and Critical Information Infrastructure (CII). It focuses on three key areas: Skills and Competence, where individuals and companies providing services under the program are required to hold DESC-approved qualifications and have suitable experience; Methodologies, where services must be conducted using DESC-recognized methods and approaches; and Reporting, mandating that reports and recommendations are produced in accordance with a recognized standard.


The purpose of the program is to define processes and principles to ensure consistency and efficiency in the marketplace. It provides assurance that internationally proven methodologies are adopted; processes and procedures of the supplier are subject to independent audit; systems and data are handled safely; services are delivered by individuals who have the appropriate skills, certifications, and competencies; and that both the provider and individual consultants are bound by codes of conduct and ethics that conform with the Dubai laws and regulations, including an independent compliance process.


The workshop hosted by DESC targeted local and international cybersecurity companies, bringing together cybersecurity professionals, industry experts, and key stakeholders. Over 100 experts from the cybersecurity industry attended the workshop in-person and virtually, representing their companies and showing great interest in the program.