Image used for representation only.
Doha, Qatar: A drill to assess the effectiveness of the country's cybersecurity infrastructure will be held from November 20 to 29.
The National Cyber Drill will involve about 170 vital entities in Qatar and will be held under the title “Secure Your Data”, said Head of National Cyber Initiatives Assurance Department at the National Cyber Security Agency (NCSA), Mohammed Murshid Al Mannai.
Al Mannai said the drill began as a pioneering initiative in 2013 and has become an annual event since then. He explained that the cybersecurity drill, with its core exercises, serves as an important administrative tool aimed at identifying and improving gaps, as well as determining the effectiveness of response and recovery strategies, to minimise the impact on society, economy and the sustainability of national cybersecurity stability.
Al Mannai emphasised that cybersecurity drills aim to measure efficiency of participating institutions to address cybersecurity risks from the perspective of the readiness of the human, technological, and operational elements. He noted that cyber drills exercises are excellent tools for evaluating adopted plans and programs in terms of comprehensiveness, interconnection, and accuracy.
He underlined that the cyber drill also aims to raise awareness among institutions and participants about this year’s theme, enhancing their compliance with laws related to data privacy and classification, and ensuring the practical implementation of these laws.
Al Mannai said the basic component of the drill is the “scenario”, so the strength and modernity of the scenario is reflected in raising the level of awareness of the dangers of cyber threats, as well as keeping the scenario abreast of the latest hacks and methods that hackers follow in general
He emphasised the importance of the cyber drill in ensuring the ability of the participating entity or institution to protect its assets from being hacked, and the extent to which its procedures followed in confronting recent hacks are compatible with their various scenarios. He said continuing the cyber drills contributes to building permanent knowledge and awareness of cybersecurity incidents and their mechanisms.
Al Mannai reviewed NCSA’s various efforts and roles in confronting cybersecurity threats, pointing out that the agency continuously shares threat bulletins.
These bulletins include hacking methods and the protection mechanism. It also shares vulnerability bulletins that aim to inform all entities of the spread of any new vulnerability, and to ensure that each entity is able to protect its data.
He also stressed the importance of NCSA’s proactive work to raise general awareness about data protection and privacy, providing principles, guidance, and tools to assist institutions in facing potential risks, noting that the agency is conducting various training workshops, lectures, and consultations in collaboration with various entities and institutions.
Al Mannai affirmed that achieving cybersecurity relies on both the National Cyber Security Agency and the entities considered partners in securing Qatar’s cyberspace, adding that the agency’s duty is to assist various institutions and empower them to protect themselves through appropriate technology, proper procedures, and qualified personnel, contributing positively to the ability of institutions to safeguard their assets.
He explained one of the key outcomes of the cybersecurity drill is the presentation of an analytical report revealing the participating team’s ability to deal with the threat outlined in the scenario, and identify its position within the same sector at the national level, in addition to identify weaknesses and provide necessary suggestions to overcome them along with an implementation mechanism.
He clarified that the main purpose of the cybersecurity drill consists of two aspects: educational and awareness-building, as well as identifying weaknesses or gaps, noting that NCSA aims to ensure the continuity of the drill and increase the number of participating entities, considering it an experience where the participating entity tests its technical and administrative capabilities in facing a specific incident in a safe environment.
