A UAE flag superimposed on a circuit. (Circuit illustration via Getty; Graphic by Breaking Defense)
BEIRUT — The United Arab Emirates is expanding and boosting its expertise in cybersecurity and secure communications, not only to fulfill the national demand, but also with hopes of becoming a regional hub for exporting such high-tech capabilities in the Gulf and Middle East.
The small but wealthy nation’s ambition was on display during two major security events hosted there in October simultaneously, the International Exhibition for National Security and Resilience (ISNR) in Abu Dhabi, and the robot- and AI-focused GITEX Global in Dubai. Major foreign and local firms in these sectors attended the shows, and deals were sealed in the gleaming cities.
“We have to look at the UAE’s approach to cyber technology as exceptional in the Arab world as the UAE early on understood the importance of resilience in the cyber domain, not just from a defensive point of view but potentially also an offensive point of view,” said Andreas Krieg, senior lecturer at King’s College London and CEO of MENA Analytica, a London-based strategic risk consultancy firm focusing on the wider Middle East region.
Krieg said the UAE had clearly identified its vulnerabilities in the cyber domain more than a decade ago, and had more actively worked on developing means of mitigation than any other Arab state. The kingdom’s activities in the cybersecurity realm have not been without controversy regarding how the nation has used its newfound expertise.
More recently, last month two major steps were taken to progress the country’s capabilities, one by each of UAE’s two giant defense organizations, when EDGE Group integrated the secure communications firm Digital 14, and Tawazun Industrial Park, the industrial development-enabling arm of Tawazun Economic Council, launched Watheq cyber security laboratory. That lab has joined forces with the local cybersecurity firm CPX Holding.
“While most Arab states have taken tactical or operational approaches to the cyber domain, the UAE has adopted a comprehensive whole-of-nation approach to boost its domestic cyber domain in one of the most connected economies in the world,” Krieg said.
Krieg elaborated that apart from developing in-house capabilities and technologies, entities such as EDGE or Tawazun are purpose-built hubs to forge joint ventures and partnerships with global industry leaders in the field. Not all the cybersecurity initiatives have been without controversy.
“Especially, due to the vast resources available and virtually no restrictions on data availability, companies from Israel or the United States find the UAE an interesting country to operate in,” Krieg said. “Here these acquisition and procurement hubs like EDGE and Tawazun become instrumental points of attraction for collaboration and investment that have granted the UAE access to cyber tech that is quite unique in the MENA region.”
Krieg further stressed that even in comparison to Israel, which is an outstanding cyber power in the region, “the UAE has some competitive advantages [in luring Israeli interest] as it has powerful networks in the region that can provide Israeli companies with access to wider markets and provide the necessary investments into R&D that is sometimes missing in Israel.”
As reported by Israeli media outlets, UAE and Israel signed an agreement to develop cybersecurity and deep tech in September 2022. The agreement signed between Abu Dhabi Global Market Academy and Avnon Academy to share expertise between the two academies on cybersecurity. Just months before in February, going the opposite direction, an Israeli cybersecurity firm inked a deal with an Emirati bank.
Getting Cyber-Secure
Both UAE’s major defense players Tawazun Economic Council and EDGE Group are investing heavily in cybersecurity, whereby the first is investing in laboratories and education and the latter is investing on the technical side and product development of cybersecurity solutions.
It was at ISNR that Tawazun Economic Council unveiled the Watheq Laboratory. This lab tests security resilience of I.T. assets and services through four specialized laboratories: cryptography, hardware, signals and software labs. Through Watheq, Tawazun aims at supporting government agencies and protecting critical national infrastructure through sovereign encryption capabilities.
Also, TIP Testing and Qualification Center (TIP TQC), and through its Cyber Security lab, Watheq, has signed a memorandum of understanding (MoU) with CPX Holding. Both home-grown companies seek to provide clients with a comprehensive range of services encompassing all levels of cyber security.
From its side, EDGE subsidiary BEACON Red signed an agreement at ISNR 2022 with 42 Abu Dhabi, the UAE’s coding school to expand the learning experience there.
At GITEX Global 2022, which is more focused on robotics and AI, foreign firms like Russia-based Kaspersky and China-based Huawei likewise announced new cybersecurity initiatives to increase their presence in the region. Trend Micro, an American-Japanese cybersecurity firm, announced a strategic partnership with Beyon Cyber, a cybersecurity company protecting Bahrain’s most critical communications infrastructure.
Domestically, GITEX saw a showcase by the Abu Dhabi government of more than 100 digital initiatives and projects in the field of digital transformation.
Communicating Securely
Elsewhere during the shows, the topic of secure communications was top of mind. A few days after its integration into the EDGE conglomeration, secure comms provider KATIM at ISNR unveiled its next-gen network encryption solution called Gateway 9011.
The company says Gateway 9011 is a solution for large-scale deployment, including sensitive entities, critical infrastructure campuses, government buildings and data centers. It powers network communications with an end-to-end, hardware encryption that the company claims is “post-quantum.” (The US government, among others, has been sounding the alarm about the potential for quantum computing to crack even the most advanced encryption algorithms, and has therefore been developing methods that it hopes to be quantum-resistant.)
KATIM joined EDGE on Oct. 5 after rebranding from Digital 14. KATIM is the brand name of the company’s KATIM R01 and KATIM X2 smartphones, in an attempt to increase the firm’s reach by linking it to the well-known phone’s name.
“We have several ongoing large-scale projects locally as part of our sovereign defense capability for the UAE. We are also pursuing some very exciting strategic opportunities globally across our core business areas including secure communications in end-user applications, end-point devices, infrastructure and end-to-end solutions,” KATIM’s vice president and head of transformation and commercial strategy and operations Shaz Khan, told Breaking Defense.
Shaz said he expected that with the scale and strength of EDGE, KATIM will double-down on its investment to become a secure communications leader globally, including with instant messaging applications at-scale, voice and video communications, network infrastructure and satellite communications.
He told Breaking Defense that the firm is developing KATIM X3 secure smartphone.
As perhaps a sign of the regions rush to technological change, KATIM completed the full integration, transformation and rebranding in 83 days.
The Threat Landscape And Countermeasures
The demand for cybersecurity and secure communications services comes as the threat landscape has changed and an abundance of data is transferred from one end point to another, especially with regard to the UAE’s critical infrastructure.
“The UAE’s critical national infrastructure in the hydrocarbon, the logistics and finance sector is quite exposed to potential cyber exploitation from a range of malign actors,” Krieg said. “Iran is certainly one of the more tangible malign actors that in the past has attempted cyber sabotage and espionage operations in the UAE. But even Emirati partners such as China and Russia might have an interest to exploit vulnerabilities in the cyber domain in the UAE.”
Back in December 2020, just after UAE has normalized ties with Israel, Abu Dhabi was the target of cyberattacks.
The head of cyber security in UAE, Mohamed Hamad al-Kuwaiti, said then “The that the number of cyber attacks in the UAE increased sharply after the start of the coronavirus pandemic. Traditionally many attacks in the region originate from Iran,” without specifying who is behind them.
Krieg concluded that the entire business model of the UAE as a leading smart power that is hyperconnected is built around the ability to achieve cyber resilience.
Enterprise-wide training: the Army’s $3.5B program for multi-service combat readiness
The competition for Warfighter Training and Readiness Solutions will bring together training networks, combat training centers and live ranges across the DoD enterprise.
Why supporting Ukraine is ‘main priority’ for Norway’s defense chief this year
“I have more sense of urgency in 2024 than I had in 2023” about how quickly Russia can rearm its military, Norway’s Chief of Defense, Gen. Eirik Kristoffersen, told Breaking Defense.
