First, what would you like to tell us
about aeCERT?
aeCERT was established pursuant
to initiative by the Telecommunica-
tions Regulatory Authority in 2008
with the aim to examine the online
world in general and the UAE criti-
cal infrastructure in particular and
how to take the necessary protection
and safety action regarding this infra-
structure.
aeCERT is considered a unique cen-
ter as it aims to improve the stan-
dards and practices of information
security and protect the IT infrastruc-
ture in the UAE against the Internet
risks and breaches.
aeCERT is also the leading reliable
centre that coordinates work to fight
online crimes in the region.
How many services does aeCERT
offer?
aeCERT offers 30 various services
to a number of government agencies
in fields of control & response, re-
search & analysis, training & security
awareness and quality of information
security. The team includes 120 as-
sociates from public and private enti-
ties, the Central Bank and police and
judiciary entities.
What is the objective of aeCERT?
aeCERT aims to support IT infra-
structure and protect it against online
crimes and security threats. It also
aims to build a safe and protected
culture against IT crimes in the UEA.
aeCERT seeks to enhance the IT
crimes combating law, help in devel-
oping new laws, promote awareness
on information security throughout
the UAE, build national expertise
in the fields of information security,
emergency management and evi-
dence search on computers, build
a reliable contact centre to report IT
crimes in the country, build a national
center to gather information on IT
threats, risks and crimes, encourage
the establishment of CSIRTs and as-
sisting them across various sectors
and coordinate with local and inter-
national relevant CSIRTs. Finally, ae-
CERT aims to be an active member
in the well-known information secu-
rity organizations and forums.
Is there such a thing as 100% on�
line protection?
There is no doubt that piracy is a
serious threat to software and hard-
ware infrastructures. It has become
highly important for companies and
information security specialists to
continuously review the latest pi-
racy techniques and their preven-
tion methods. They should also work
on raising awareness of the people
and training and educating them on
protection against online security
breaches.
A 100% protection is hard especially
that there are professional hackers
who are high-level programmers
who can hack a certain computer or
a smart application and identify its
contents.
Pirates track the programmer’s short-
falls. For instance, when a program-
mer is working on a certain project,
he/she has a certain way of thinking
and implementing while pirates think
in a different way; when a developer
builds a certain application, he/she
write the code but might overlook
protecting a certain point, that is the
point used by a hacker as an entry
point to decode and access the ap-
plication.
Are there specialists to track and
address such deficiencies?
Yes, of course we have program-
mers who are exclusively special-
ized in breach detection. Their work
rely on two things namely their way
of thinking and how well they know
the application and the tools they use
and whether or not they use them in
the right time and place.
Is there a central entity that
launches these applications?
We are currently working on building
smart app store for mGovernment.
What is currently happening is that
each Ministry wants to launch its own
application through Apple, Android or
any other app store, it does so inde-
pendently without being reviewed by
a central entity to ensure its compli-
ance with security and privacy rules
of mGovernment. The store that veri-
fies only the compliance of the app
We are creating assess�
ment and authentication
labs and e-store for the
eGovernment
11
November
2013
