Notifications

Monday 07 April 2025

Monday 07 April 2025

CBUAE Issues its 2024 Annual Report

Press Release

Accessibility settings

Text size

A-

A+

Theme color

Color blind mode

Night reading mode

Rate this page

Rated by 2 People

Thanks for rating

Please provide a valid value for Name
Please provide a valid value for Email Address
Please provide a valid value for Phone number
Please provide a valid value for Subject
Please provide a valid value for Message

Back

Information Sharing Platform

On this Page

What is UAE-FS-ISAC?

Mission and Vision
UAE-FS-ISAC is equipped with a centralized threat intelligence platform (TIP) that can connect various UAE Financial institutions and UAE Government entities to share threat intelligence information efficiently and securely.

As attackers step up with their tactics to act upon financial motives and target financial institutions continuously, there is a requirement to identify and establish standard information exchange channels. Specific challenges:

 

  1. No centralised platform to exchange threat intelligence data between the UAE financial sector and Government entities.
  2. Absence of standard sharable data format which is enriched, machine readable, accurate and relevant to the context.

Mission and Vision

  • Creating and establishing secure infrastructure that enables the sharing and dissemination of intelligence with peers.

  • Providing immediate information on major or crisis-level incidents related to the industry and/or its members.

  • Permitting all peer members to have the capability to submit threat information or other artifacts voluntarily.

  • Utilising the sector's vast resources (people, process, and technology) to aid the entire industry with situational awareness and advance warning of new physical and cyber security threats, incidents and challenges.

The Central Bank of UAE encourages financial institutions to be part of the community to communicate and share indicators of compromise, phishing campaigns, and other potential attack information with the community for awareness, and to implement relevant preventive measures.

Kindly download, complete and send the document to the following email: [email protected]

Download

Thanks for rating

32

32

Participants can create events related to cyber incidents and share them across the community via MISP. Below are the types of threat information that could be shared:

 

  1. Indicators of Compromise (IOCs): such as malicious files, suspected or compromised email addresses, malicious IP addresses, or malware samples; or information about threat actors.
  2. Modus operandi, Tactics, Techniques, and Procedures (TTP): Awareness of cyber-criminal behaviour and understanding their tactics, techniques and procedures (TTP).
  3. Attributing factors: Information about the threat observed such as internet address, location, any names and/or any other information associated with the threat.
  4. Cyber-threat intelligence and analysis:  Gather and analyse threat intelligence from various sources and types of information to build reports, metrics, trends, and projections.
  5. Best practice awareness and lessons learned: Information on enhancing security management systems and/or security controls.
  6. Tool Configurations: Recommendations for setting up and using tools (mechanisms) that support the collection, exchange, processing, analysis, and use of cyber-threat information.

Last updated on: Monday 09 October 2023

Total visitors 6701