UAE Builds Homegrown Defense Against Industrial Cyber Attacks with New Academy and AI Platform

Bottom Line

The United Arab Emirates Cybersecurity Council and Rilian, a specialized defense technology firm, have formalized a deeper partnership that goes beyond traditional vendor relationships to establish a joint research and innovation facility in Abu Dhabi. This move underscores the UAE's determination to build independent cybersecurity capability for the industrial systems that keep the nation's economy—from oil platforms to power plants to desalination facilities—running safely and uninterrupted.

Why This Matters

• First National OT Academy: The partnership will create a dedicated training program focused on industrial control systems, addressing a critical skills gap that exists not just locally but globally.

• Real-Time Threat Response: The NSOC has already begun deploying Rilian's Caspian platform, an AI-driven system that detects and responds to cyber incidents autonomously across critical infrastructure without waiting for human intervention.

• Homegrown Solutions: Rather than importing all security tools from abroad, the centre will incubate locally-developed technologies tailored to how the UAE's industrial systems actually operate.

• Ecosystem Play: The arrangement includes a dedicated pathway for Emirati cybersecurity startups to test and scale innovations within protected government partnerships.

Understanding the Stakes

Industrial technology operates under fundamentally different constraints than corporate IT systems. When a software update fails on a bank's server, technicians can restart it. When an update fails on a power distribution network, the consequences cascade immediately—blackouts, equipment damage, potentially loss of life. The machinery running the UAE's water desalination plants, refinery operations, and electrical grids was often designed decades ago, before modern cyber threats existed. Now, as these systems become connected to networks and the internet, they face exposure to adversaries who may have no traditional military goal beyond causing disruption and economic damage.

Globally, industrial control systems remain far less protected than standard IT infrastructure. The market for OT cybersecurity expertise is nascent compared to traditional IT security. For the UAE—a nation dependent on uninterrupted energy, water, and logistics—this gap represents not just a business challenge but a national resilience issue.

The Four Pillars Strategy

The newly announced Centre of Excellence, based in Abu Dhabi, structures the partnership around four interconnected initiatives. The first focuses on developing proprietary intellectual property—essentially building Emirati-designed security tools rather than perpetually licensing foreign solutions. This reduces vendor dependency and creates a potential export product if the tools prove effective.

The second pillar, a national cyber academy for operational technology, addresses a practical shortage. Globally, universities graduate IT security professionals but struggle to teach the specialized knowledge required for SCADA networks, programmable logic controllers, and distributed control systems. The UAE's partnership means that by late 2026, the first cohort of locally-trained OT specialists can enter the workforce—both in government and private critical infrastructure roles.

Third comes the national maturity dashboard, a centralized assessment framework that tracks how well critical infrastructure operators across the country are defending their systems. This transparency mechanism lets regulators identify vulnerabilities systematically rather than reacting to incidents. It also creates a performance incentive: operators know their security posture is being measured and compared.

The fourth pillar is designed to function as an innovation sandbox for startups. Early-stage cybersecurity companies gain access to the centre's resources, collaboration with established security firms, and opportunities to pilot their technologies on real critical infrastructure under controlled conditions. For entrepreneurs, this represents rare access to government-backed projects in a sector where trust barriers are typically high.

The Caspian Platform: From Concept to Operations

This 2026 announcement builds on a 2025 implementation agreement between the UAE National Security Operations Center and Rilian, which involved deploying Caspian, an agentic security orchestration system designed to integrate and automate defenses across industrial environments. The platform employs AI agents—software programs trained to autonomously detect anomalies in operational systems, assess threat severity, and coordinate defensive responses without pausing for human approval.

The advantage is speed. In a scenario where attackers attempt to manipulate controls on a power distribution system, even a five-minute delay between detection and response can mean millions of dirhams in economic losses or physical damage. Automated response compresses that window to seconds, allowing the system to isolate compromised segments, trigger failsafes, and alert human operators simultaneously.

Caspian operates as the orchestration layer across multiple tools and partnerships, including CPX Holding and infrastructure from Google Cloud. The technical architecture is designed to ingest data from sensors and systems across electricity networks, water treatment facilities, transportation infrastructure, financial systems, healthcare operations, and manufacturing plants. As of May 2026, the system is active and collecting threat intelligence, though detailed performance metrics remain classified.

How the UAE Ranks Against Global Peers

The International Telecommunication Union assessed 194 countries on their cybersecurity maturity in 2024. The UAE achieved a perfect score, satisfying all 80 evaluation criteria and earning official designation as a "Pioneering Model." This places the nation ahead of most regional competitors and alongside leading European and Asian democracies in terms of formal cybersecurity governance and capability.

Within the Middle East and North Africa, neighboring nations like Saudi Arabia and Qatar have published their own national strategies and standards. Saudi Arabia's Essential Cybersecurity Controls (ECC) and Operational Technology Cybersecurity Controls (OTCC-1:2022) are mandatory for organizations managing critical national infrastructure. Qatar's National Cyber Security Agency actively promotes adoption of IEC 62443, the international standard for securing industrial control systems.

However, the UAE's competitive edge lies not just in having stringent rules but in the implementation infrastructure—the centres of excellence, the trained personnel, the coordinated response mechanisms. The UAE Information Assurance Standard (Version 2.1, released November 2025) mandates specific security controls across government and critical infrastructure, unifying what would otherwise be fragmented compliance requirements.

Internationally, the UAE's frameworks align closely with NIST Cybersecurity Framework, IEC 62443 standards, and ISO/IEC 27001. This means operators in the UAE who comply with national rules are largely compliant with global best practices. For multinational firms with operations across Europe, North America, and the Gulf, this alignment reduces the friction of maintaining multiple, incompatible security regimes.

Practical Implications for Operators and Business

For managers of critical infrastructure in the UAE, this partnership signals a shift toward mandatory, quantified cybersecurity maturity. The national dashboard will make it harder to hide vulnerabilities or claim compliance without evidence. Organizations that lag in OT security posture will face transparent scrutiny, which in practice means regulatory pressure and reputational risk.

For private-sector operators, the centre offers a pathway to remediation. Rather than struggling alone to hire OT specialists or evaluate unfamiliar security technologies, operators can now access government-backed training and pilots. Small to mid-size companies that lack internal cybersecurity depth benefit most from this ecosystem approach.

For multinational investors and security vendors, the development of sovereign Emirati capability creates opportunities. Rather than simply selling tools, firms that establish local partnerships and joint ventures with the centre gain preferential access to market opportunities and government-backed validation. The startup ecosystem component, meanwhile, offers venture-backed firms a structured pathway to market adoption.

For residents and daily users, the relevance is indirect but real. The infrastructure underpinning modern life—electricity, water, transportation, telecommunications, banking—depends on uninterrupted operation. As cyber attacks on industrial systems become more frequent and sophisticated, the UAE's investment in automated, AI-driven defenses aims to ensure that even under sustained digital attack, critical services remain resilient. A water treatment facility or power grid that withstands a coordinated cyber incident is one less failure cascade affecting hospitals, homes, and businesses.

What's Coming

The Centre of Excellence is expected to become fully operational by the end of 2026. The first training cohort for the national OT cyber academy is scheduled to enroll by the fourth quarter of this year. Early results will likely emerge in 2027 as trained personnel enter the workforce and pilots produce measurable improvements in threat detection and response times.

The partnership represents a structural departure from how governments have traditionally acquired cybersecurity capability—via procurement contracts and vendor relationships. Instead, the UAE is building an integrated ecosystem where research, talent development, operational tools, and startup support exist under one institutional roof. Whether this model proves scalable and whether other nations adopt similar approaches will become clearer over the next 18 months. For now, the announcement signals that the UAE views OT cybersecurity not as a technical problem to outsource but as a strategic asset to be built domestically with selective global partnerships.