The first in-person meeting of the 2023 Board Members of the Organization of Islamic Cooperation – Computer Emergency Response Team (OIC-CERT) was held on March 12-13, 2023, in Abu Dhabi, UAE. In the meeting, the 2023 business plan and key activities by each member country were presented and discussed, while the areas in which the Board would oversee the action plan were identified.
In the Board Meeting, H.E. Dr. Mohamed Al-Kuwaiti, Chairman of the UAE Cybersecurity Council, stressed the importance of addressing cyber incidents and promoting awareness – raising capacity-building initiatives. He mentioned that the UAE, as the Deputy Chair of the Board, would contribute by hosting cybersecurity awareness and interactive workshops for OIC-CERT members.
In addition, respective OIC-CERT Working Group (WG) meetings for the 5G Security Framework WG, Cloud Security WG and Blockchain WG were held as satellite events of the GISEC 2023 on March 16.
The OIC-CERT 5G Security WG discussed the rollout plan for adopting the framework in the remaining member countries, with the UAE and Malaysia as the implementation reference point.
The meetings of both the OIC-CERT Cloud Security WG and Blockchain Security WG were held for the first time since the groups’ established during the OIC-CERT 10th General Meeting in 2022. The two working groups aim to develop a common security framework for risk assessment and management and an open standard that can be used to mitigate any technical difficulties in Cloud Computing and Blockchain.
To date, the OIC-CERT Cloud Security WG has attracted 15 organizations from 11 countries to join forces, while the Blockchain WG have 8 organizations from 5 countries participating.
Dato’ Ts. Dr. Haji Amirudin Abdul Wahab, CEO of CyberSecurity Malaysia and the OIC-CERT Permanent Secretariat, said, “Protecting telecom networks is paramount in response to the formidable global cybersecurity challenge. But the immense efforts of the OIC-CERT and individual members bring us that much closer to our vision of cooperatively developing cybersecurity capabilities to mitigate cyber threats. We see 2023 as a watershed year as more countries join the OIC-CERT WG and contribute to the common goal of a safe cyberspace.”
Engr. Bader Ali Said Al-Salehi, Chair of the OIC-CERT and Director General of the Oman CERT, said, “The Working Group meetings marks another milestone in our ongoing efforts to promote cybersecurity among members. With UAE and Malaysia’s pioneering roles in adopting key elements of our security framework, we now have an important benchmark and platform to build upon. We will continue working together to make the OIC-CERT a leading cybersecurity platform to make cyberspace safer.”
UAE leads the OIC-CERT 5G Security Framework implementation
In 2022, UAE published the UAE Telecom Cybersecurity Guidance to strengthen the country’s telecommunication cybersecurity effectively. The Guidance will effectively strengthen UAE telecommunication cybersecurity in a holistic and systematic manner, involving governance and management, implementation, and improvement of a secure, resilient and self-healing telecom network. Comprised of two parts, the Guidance defines a defense-in-depth, zero-trust driven multi-layered framework based on the OIC-CERT 5G Security Framework. This approach builds security incrementally from the physical layer security to the application layer security based on internationally recognized standards and best practices.
In March this year, the UAE Cybersecurity Council, OIC-CERT, and e& co-organized the first UAE Telecom Cybersecurity Guidance Adoption Workshop as a satellite event of the GISEC Global 2023. At the workshop, e& announced that it is the first UAE carrier to do a pilot deployment of the UAE Telecom Cybersecurity Guidance and proactively respond to the national cybersecurity initiative. At the workshop, H.E. Al-Kuwaiti described the UAE Telecom Cybersecurity Guidance as vital to help drive the country’s efforts to establish the world-first telecom information security management system (ISMS) to govern, manage, implement and optimize telecom cybersecurity.