UAE Cyber Security Council conducts specialised cyber exercise

The UAE Cyber Security Council today conducted a specialised cyber exercise in collaboration with Immersive, a company specialising in strengthening human-centric cyber resilience.

The exercise comes as part of ongoing efforts to enhance the cyber readiness of government entities across the UAE amid the current regional circumstances, which require sustained vigilance and reinforced preparedness across all cyber domains. These efforts aim to safeguard the nation’s cyber ecosystem from various threats by utilising the latest technologies and tools to prevent potential cyber intrusions or attacks.

During the exercise, the council’s specialised teams, working alongside experts from Immersive, carried out an advanced cyber simulation focused on confronting, containing, and neutralising a potential destructive cyberattack targeting shared government services and critical infrastructure.

The exercise emphasised raising the level of cyber preparedness among all participants by providing a realistic threat environment and simulation that required participants to make key decisions under conditions of real pressure. This approach helps build effective response capabilities before an actual crisis occurs.

The specialised cyber exercise was designed to test best practices under extreme pressure across several key areas, including incident response, threat intelligence, and business continuity management during crises. It also aimed to identify strengths and weaknesses in current procedures, enabling an evaluation of how effective existing plans are in addressing the evolution of attacks — from initial suspicion to full operational disruption. This ultimately strengthens institutional and governmental capabilities to maintain uninterrupted vital operations.

The exercise also underscored the importance of effective communication, particularly in ensuring that incident response policies and procedures are clearly conveyed to all participants. This includes mechanisms for communication, points of contact, and the rapid and confidential exchange of information among relevant entities to ensure smooth information flow during crises and prevent coordination gaps that could hinder rapid response. Teams were tested on their ability to securely and systematically share sensitive data under conditions of escalating pressure.

Nation’s cyber domain

Dr. Mohammed Hamad Al Kuwaiti, Head of Cybersecurity for the UAE Government, affirmed that the council continues its efforts to protect and secure the nation’s cyber domain under all circumstances. He emphasised the council’s ability, in cooperation with all relevant entities, to safeguard the country’s cyber infrastructure and digital assets while strengthening the stability of its institutions in all conditions.

He noted that individuals represent the first line of defence within the cybersecurity ecosystem through digital awareness, which plays a key role in countering cyber threats and attacks. He explained that the cyber exercise aims to assess current capabilities and readiness among relevant entities by identifying gaps and areas for improvement based on data-driven performance analysis during the simulation. Every step and interaction was monitored to extract lessons learned that contribute to developing strategies and enhancing coordination between technical, operational, and leadership functions.

The exercise scenarios developed with Immersive focused on a situation in which a shared services entity serving both the UAE government and critical infrastructure comes under a sophisticated cyberattack attributed to an international actor. The attack begins as suspicious but manageable activity before gradually escalating into a large-scale crisis threatening the continuity of essential operations. This scenario challenges the organization’s ability to understand the nature of the threat, contain it effectively, maintain vital services, and coordinate a coherent strategic response under intense time pressure and incomplete information.

Participants in the scenario were required to continuously assess evolving information and make critical decisions at key moments, while maintaining close coordination between technical, operational, and leadership teams. At the same time, they had to strike a careful balance between immediate incident response and ensuring the continuity of critical services relied upon by government entities and citizens alike.

The exercise featured several key and supporting roles to ensure comprehensive coverage of all aspects of crisis management. The Security Operations Center (SOC) analyst played a primary role in early detection and analysis, while roles were clearly defined to strengthen the overall response to the incident. The Chief Information Security Officer (CISO) assumed a central role in directing policies and strategic decisions, while the business continuity team supported operational efforts. An additional supporting role for the CISO was also included to facilitate coordination across organisational levels.

The exercise relied on a customised crisis simulation model replicating a targeted attack on shared services, with a focus on complex networks and interdependencies between critical systems. This provided a realistic environment to test capabilities under conditions closely resembling real-world scenarios.

The exercise will ultimately produce a comprehensive report identifying vulnerabilities and recommending improvement plans to strengthen national preparedness against evolving cyber threats. It also reflects the UAE’s commitment to building a robust cybersecurity ecosystem capable of protecting government services and critical infrastructure from potential risks, particularly amid the current regional circumstances.