Get more info about setting up a new chapter in your area.
We have signed an agreement with the Dubai Electronic Security Center (DESC) to deliver a new standard that will give our members and qualified individuals greater access to the market in Dubai.
The full details of the standard are being finalised and will be communicated in the coming months. It will initially focus on penetration testing and incident response services, and through CREST, requires registration with DESC, to be eligible to work for the Dubai government. To register, individuals must hold a valid CREST professional certification or work for a CREST accredited member.
For more information, see the FAQs below.
To read the DESC press release on the agreement, see here.
How to express your interest
If you are interested in taking a CREST exam as part of the Dubai Cyber Force standard, please email [email protected]. You will be entered into a prize draw to win free vouchers for CREST practitioner level Penetration Testing or Incident Response exams, available at a Pearson Vue test centre in Dubai.
For CREST member companies
Email [email protected]
For organisations interested in becoming a CREST member
Email [email protected]
For Dubai Government agencies interested in understanding more about the standard
Contact DESC at [email protected]
The Dubai Cyber Force standard will be used to signpost skilled and competent individuals and companies that are able to deliver Penetration Testing and Incident Response services to the government in Dubai. The standard is part of the delivery of the Dubai Cyber Security Strategy (DCSS) with the vision of placing Dubai among the most secure cities electronically in the world.
There are huge amounts of variability in the services being delivered by Penetration Testing and Incident Response service providers globally. Methodologies vary, breadth, depth and quality of assessment varies and the underlying skills and competencies of the individuals delivering services can vary significantly. Penetration Testing and Incident Response services are highly technical, and both the language, findings and recommendations can be confusing to buyers of services.
This standard sets a high, internationally recognised standard for delivery of cyber services to Dubai government. It uses a standards-based approach, to deliver increased quality, improved technical skills, and greater consistency across the cyber security sector. This is essential to have confidence that Dubai’s critical information infrastructure (CII) is well protected. By defining a series of requirements for service providers and the professionals that deliver these services, the Cyber Force standard will deliver more consistent outcomes for the delivery of cyber services in Dubai.
Individuals must be either CREST qualified or work for a CREST member company that is accredited to the Penetration Testing or Incident Response disciplines. For information please email [email protected]
Buyers of penetration testing and incident response services in Dubai will be able to identify CREST member organisations with Dubai Cyber Force registered individuals via the CREST website once the standard has opened for registrations.
No, individuals (and the employers) may be located remotely or in Dubai. However, building a domestic eco-system of skilled cyber service professionals and companies is strategically important so local presence will be well regarded.
Please visit the Certifications section of the CREST website for more information about booking a CREST exam (please note that where an exam needs to be taken at a ‘CREST Exam Centre’, further information will be shared in due course regarding when this will be available in Dubai).
CREST is offering a limited amount of free exams to a randomly selected set of individuals who express interest in taking a practitioner level Penetration Testing or Incident Response exam. The exam will be available at a Pearson Vue test centre in Dubai only. Email [email protected] the chance to win.
Please contact [email protected] for more information.
Please contact [email protected] to enquire.
Please contact DESC at [email protected] for more information.
The Dubai Cyber Force standard was launched at GISEC 2023 (March 14-16) with further details about how to register to follow in Q2 2023.
The details of the standard will be published in Q2 2023.
The standard will become mandatory at the end of Q4 2023. Individuals are encouraged to enrol in the standard as soon as possible to ensure that they are able to meet this timescale.
A key domain of the DCSS is creating a Cyber Smart Society – achieving awareness, skills and capabilities to manage cyber security risks for Dubai’s public and private sectors, and individuals, including:
A key guiding principle and domain of the DCSS is National and International collaboration: