Dubai: The Dubai Electronic Security Centre (DESC), part of Digital Dubai, is preparing to launch Information Security Regulation (ISR) Version 3.0 after the success of the previous edition (ISR Version 2.0).
The Regulation includes key practices in information security that must be adopted across all Dubai Government entities, along with the necessary requirements for information security controls to ensure appropriate confidentiality, integrity, and availability of information.
The Regulation further seeks to provide these entities with the standards to ensure the continuity of critical business processes, minimize information security-related risks, and prevent information security incidents.
The Regulation is broken down into 13 domains, each considering one or more major classes of information security, including Governance, Operation, and Assurance. It applies to all Dubai government entities, including employees, consultants, contractors, and visitors who are not government employees but are engaged with the government through various means.
The new version of the ISR builds on the success of ISR Version 2.0, which recorded notable achievements.
Furthermore, the new version introduces a problem management process requirement, minimum security and compliance requirements for external parties and managed services, as well as data center security controls, in addition to incorporating cyber-resilience framework requirements.