Information Security

Information Security

Information Security

The Signals Intelligence Agency, formerly known as the National Electronic Security Authority, is the United Arab Emirates intelligence agency. 

National Electronic Security Authority (NESA) has produced a set of standards and guidance for government and regulated entities in critical sectors.  Compliance with these standards is mandatory.

All UAE government entities and other entities identified as critical 1 by NESA are obligated to implement NESA Standards.

  • PREPARE AND PREVENT - The manifestation of cybersecurity threats by strengthening the security of UAE cyber assets and reducing corresponding risk levels.
  • DETECT, RESPOND, AND RECOVER - From significant cyber incidents to reduce the impact on society and the economy.
  • BUILD NATIONAL CAPABILITY - By promoting cybersecurity awareness, developing the UAE’s workforce, and cultivating research and innovation to meet cybersecurity national needs.
  • FOSTER COLLABORATION - Among stakeholders at national and international levels to stimulate a collaborative environment focused on achieving desirable objectives.
  • PROVIDE NATIONAL LEADERSHIP - By orchestrating cybersecurity initiatives at the national level.

We conduct a four-phase critical assessment of information security:

  1. Project initiation & GAP Assessment
  2. Documentation
  3. Information Security Control Implementation Support
  4. NESA Compliance Assessment

Through our team of information security experts, we assist organisations to meet NESA and industry standards. 

Contact us for further assistance

Our NESA Consultancy Services

NESA Gap Assessment
Conduct an assessment of your NESA Compliance applying the UAE IAS Gap Assessment methodology.
NESA Risk Assessment
Based on UAE National Cyber Risk Management Framework conduct an ISMS Risk Assessments.
NESA Risk Treatment Plan
Resolve the gaps and risk identified to acceptable levels.
NESA Policies & Procedures
Develop the required Information Security policies and procedures.
Security Testing
Conduct period vulnerability assessments and penetration testing.
Security Awareness
Provide regular knowledge and training sessions for employees to raise security awareness.
Technology Implementations
Identification of technology gaps and advising on implementation of technical controls.
NESA Progress Reviews
Periodic evaluation of NESA implementation progress reviews.
NESA Internal Audits
To ensure complete compliance NESA ISMS policies internal audits should be conducted.
NESA Gap Assessment
Conduct an assessment of your NESA Compliance applying the UAE IAS Gap Assessment methodology.
NESA Risk Assessment
Based on UAE National Cyber Risk Management Framework conduct an ISMS Risk Assessments.
NESA Risk Treatment Plan
Resolve the gaps and risk identified to acceptable levels.
NESA Policies & Procedures
Develop the required Information Security policies and procedures.
Security Testing
Conduct period vulnerability assessments and penetration testing.
Security Awareness
Provide regular knowledge and training sessions for employees to raise security awareness.
Technology Implementations
Identification of technology gaps and advising on implementation of technical controls.
NESA Progress Reviews
Periodic evaluation of NESA implementation progress reviews.
NESA Internal Audits
To ensure complete compliance NESA ISMS policies internal audits should be conducted.

Contact Us

Dawn Thomas
Dawn Thomas
Director - Governance Risk and Compliance