From: AsiaPacific FutureGov

By Medha Basu

Dubai’s Information Security Committee (ISC) is coordinating with various government agencies to implement the Information Security Regulation (ISR), aimed at managing the information security environment in Dubai’s public sector.

The government is looking to provide agencies with a secure and reliable environment for storing information by developing an integrated strategy and unified policy for information security and government information systems.

Wesam Lootah, ISC member, stated, “The adoption of a unified system to ensure the sustainability and security of information represents a quantum leap in our efforts to address the urgent need to adopt an integrated methodology to process, manage, update, store and transfer the vast amount of information available to government entities.”

“This Regulation is also of great importance as it encourages investment in ICT infrastructure development, paving the way for a new phase aimed at upgrading government performance and becoming a global pioneer within the knowledge-based economy,” added Chairman of ISC, Ahmad Bin Humaidan.

At this stage, the ISC is coordinating with various public agencies to assess their level of commitment and monitor the implementation of the ISR. The Financial Audit Department has adopted a monitoring mechanism to determine the level of commitment from agencies towards implementing the ISR.

The ISR was developed by the Dubai Smart Government department and approved by the ISC. It covers the following 12 areas:

  • Information Security Management and Governance
  • Information Asset Management
  • Information Security Risk Assessment
  • Incident Management
  • Access Control
  • Operations, Systems and Communication Management
  • Business Continuity Planning
  • Information Systems Acquisition, Development and Management
  • Environmental and Physical Security
  • Human Resource Security
  • Compliance and Audit
  • Information Security Assurance and Performance Measurement

Additionally, the Government is taking measures to alert public entities to information security incidents and emergencies. It is also organising specialised training programmes to raise awareness on cybersecurity and provide ISR implementation guidelines. A special committee under Dubai Smart Government is currently determining requirements to create a general emergency plan for Dubai Government.