In an effort to support the United Arab Emirates’ (UAE) cybersecurity outlook and show commitment to the country and the region as a whole, LogRhythm, The Security Intelligence Company, integrated the UAE National Electronic Security Authority (NESA) cybersecurity compliance standards and guidelines into its NextGen SIEM (Security Information and Event Management) Platform.
These standards were developed by NESA for government entities in critical sectors in order to protect the UAE’s critical data and information infrastructure.
“Cybersecurity is one of the biggest economic and national security challenges countries face in the twenty-first century,” said His Excellency Jassem Bu Ataba Al Zaabi, Director General, NESA. “The National Electronic Security Authority was established in line with this modern reality and as soon as the Authority was in place, we immediately initiated a thorough review of federal efforts to defend and protect the nation’s information and communication technology (ICT) infrastructure. The announcement falls in line with the process we are currently engaged in which puts all necessary policies and standards in place to ensure a comprehensive approach to securing the nation’s digital infrastructure.
Compliance with these standards is mandatory for all government organizations, semi-government organizations, and business organizations that are identified as critical infrastructure to the UAE. Not only were the regulations created to keep critical data safe, but also to strengthen the security of UAE cyber assets and reduce corresponding risk levels, protect critical infrastructure, improve cybersecurity threat awareness and foster collaboration at national and sector levels in the UAE.
These regulations are based off the controls and criteria of several existing security standards such as NIST and ISO 27001, but NESA’s regulations uniquely identify the control requirements and priorities for providing information assurance to distinct business sectors. The UAE-NESA standards consists of 188 security controls which are divided into two families, management and technical security controls.
“LogRhythm’s technology will enable NESA to enhance security workflow with robust case management and automation playbooks, save time with prebuilt artificial intelligence (AI) Engine rules and alerts mapped to UAE-NESA controls and fast and granular customization capabilities to fit your organization’s unique IT environment and policies,” explained Mazen A. Dohaji, regional director for the MENA region at LogRhythm.
The LogRhythm NextGen SIEM (Security Information and Event Management) Platform helps organizations covered by the UAE-NESA comply with the regulation. LogRhythm’s UAE-NESA Compliance Automation Suite provides prebuilt content — all automatically associated with the correct UAE-NESA asset categories, namely correlation rules and alarms, investigations that dive deep into data for review and analysis and summarized as well as more detailed reports.
“This suite enables NESA to identify areas of non-compliance in real time with prebuilt investigations and alarms that allow for immediate analysis of activities that impact an organization’s critical systems,” continued Dohaji. “Proving compliance is easy with reports that can be scheduled or run on-demand.”
Incident response is a core aspect of this suite. The correlation rules and investigations are specifically designed to work with LogRhythm’s case management capabilities to expedite your response to threats and compliance violations. You can easily add forensic evidence to cases and centralize your evidence for authorities to review. Additionally, dashboards can be created and customized according to the needs of your UAE-NESA compliance program.
Subscribe to our monthly newsletter
Keep a pulse on the latest business news in the Middle East. Subscribe now.