Threat Intelligence Neutral 6

UAE Banks Run 350+ Expert Cyber Wargame to Test Real-World Attack Response

· 4 min read · Verified by 6 sources ·
Share

Key Takeaways

  • The UAE Banks Federation concluded its 5th National Cyber Wargaming with over 350 participants simulating real-world attack scenarios.
  • The exercise, supervised by CBUAE and the Cybersecurity Council, focused on improving threat actor TTP understanding and cross-sector incident response, reinforcing financial sector cyber resilience.

Mentioned

UAE Banks Federation (UBF) organization Central Bank of the UAE (CBUAE) organization UAE Cybersecurity Council organization Al Etihad Payments company e& company Du company Gulf Insurance Group company Ebrahim Al Zaabi person

Key Intelligence

Key Facts

  1. 1The 5th National Cyber Wargaming 2026 attracted more than 350 participants from UBF member banks, fintechs, telecoms, and insurers.
  2. 2Simulated attacks focused on improving understanding of threat actor techniques, tactics, and procedures (TTPs) used in real-world incidents.
  3. 3The event was supervised by the Central Bank of the UAE (CBUAE) and the UAE Cybersecurity Council, underscoring regulator-led resilience efforts.
  4. 4Ebrahim Al Zaabi, Assistant Governor at CBUAE, emphasized that cyber resilience is a shared responsibility requiring continuous collaboration and sustained investment in digital infrastructure.
  5. 5Participating organizations included Al Etihad Payments, e&, Du, and Gulf Insurance Group, extending beyond traditional banking to the financial ecosystem.
  6. 6Outstanding organizations and teams were recognized for their contributions and excellence in cybersecurity, fostering a competitive security culture.
Cyber Professionals Participating
350+ N/A

Cross-sector experts from banking, telco, insurance, and fintech

Strengthening cyber resilience is a shared responsibility that requires continuous collaboration and close coordination among all stakeholders.

Ebrahim Al Zaabi Assistant Governor for Monetary Policy and Financial Stability, CBUAE

During the announcement of the 5th National Cyber Wargaming 2026

Analysis

For cybersecurity professionals, the UAE's wargaming exercise is a blueprint for intelligence-led defense: it translates adversary TTPs into hands-on simulations that test not just technical controls but management decision-making under pressure. The inclusion of telecoms and insurers alongside banks reflects a recognition that modern attack surfaces span entire digital supply chains, making this a model for sector-wide resilience testing.

The UAE Banks Federation (UBF) has conducted the fifth edition of its National Cyber Wargaming exercise, bringing together over 350 participants from the banking, payments, telecom, and insurance sectors to test and improve cyber incident response capabilities. Held under the supervision of the Central Bank of the UAE (CBUAE) and the UAE Cybersecurity Council, the event represents a sustained, regulator-driven push to elevate the cyber resilience of the nation’s financial infrastructure. This year’s wargaming featured advanced simulations designed to mimic real-world attack scenarios, enabling management teams and cybersecurity professionals to practice responding to breaches, ransomware, and other threats while identifying gaps in their defenses. The inclusion of entities like Al Etihad Payments, e&, Du, and Gulf Insurance Group signals an understanding that cyber risk extends beyond traditional banking into the broader digital ecosystem that supports financial services.

The inclusion of entities like Al Etihad Payments, e&, Du, and Gulf Insurance Group signals an understanding that cyber risk extends beyond traditional banking into the broader digital ecosystem that supports financial services.

The exercise is part of a multi-year strategy by UAE authorities to harden the financial sector against an increasingly hostile threat landscape. In 2024 and 2025, the Middle East experienced a sharp rise in financially motivated cyberattacks, including ransomware campaigns targeting banks and SWIFT-related fraud attempts. By institutionalizing wargaming at the federation level, the CBUAE ensures that readiness is tested not just within individual banks but across interconnected third parties, payment switches, and cloud providers. The 350+ participation figure — spanning senior management to operational security staff — suggests a holistic approach that goes beyond technical drills to include governance, communication, and supply-chain coordination.

From a threat-intelligence perspective, the event’s focus on techniques, tactics, and procedures (TTPs) of real threat actors is critical. It moves organizations beyond checkbox compliance toward adaptive defense. The simulations likely covered scenarios such as phishing-based initial access, lateral movement within hybrid-cloud environments, and data exfiltration techniques seen in recent APT campaigns targeting the region. For financial institutions, which hold sensitive customer data and operate under strict Basel-based risk frameworks, the ability to rapidly contain an incident directly impacts capital adequacy, reputational standing, and regulatory fines. Ebrahim Al Zaabi, CBUAE’s Assistant Governor for Monetary Policy and Financial Stability, underscored that cyber resilience is a “shared responsibility” and called for sustained investment in digital infrastructure and incident response capabilities — a clear signal that future regulatory expectations will be tied to demonstrated readiness, not just policy documentation.

What to Watch

Market impact is twofold. First, the exercise reinforces confidence among international investors and correspondent banks that the UAE financial system is proactively managing cyber risk, potentially lowering risk premiums on cross-border transactions. Second, it creates commercial opportunities for cybersecurity vendors specializing in red-teaming, threat simulation platforms, and managed detection and response (MDR) services, as banks seek to close gaps identified during the wargames. The recognition of outstanding organizations further incentivizes a competitive drive toward cybersecurity excellence, which could accelerate adoption of AI-driven security analytics and zero-trust architectures across UAE banks.

Looking ahead, the frequency and sophistication of these wargames are likely to increase. The CBUAE’s continued emphasis on collaboration — bringing in telecoms, insurers, and fintechs — points toward a sector-wide cyber stress-testing framework akin to what the Bank of England has implemented with CBEST. The 2026 edition marks a maturing of the UAE’s financial cyber defense posture from reactive incident management to proactive, intelligence-led resilience building. The next frontier will be integrating these simulations with real-time threat intelligence feeds and conducting cross-border exercises with GCC partners to combat region-wide campaigns. The outcomes from fifth edition will likely inform the next revision of the UAE’s cybersecurity regulatory standards, making the wargame not just a training event but a policy-shaping activity.

Sources

Sources

Based on 6 source articles

Cite This Page

"UAE Banks Run 350+ Expert Cyber Wargame to Test Real-World Attack Response." Cyber Intelligence Brief, June 28, 2026. https://getcyberbrief.com/story/uae-banks-5th-cyber-wargame-350-participants

How we covered this story

Every story in our cybersecurity coverage is assembled from multiple primary sources, cross-referenced for factual consistency, and scored along three independent dimensions: sentiment, operational impact, and source-cluster confidence. Single-source rumors and unverifiable claims do not pass our editorial gate. When a story shows "Verified by N sources" with N≥2, the development is independently corroborated; when N=1, we mark it explicitly so readers can weigh the signal accordingly.

Impact scoring uses a 1-10 scale weighted toward regulatory, financial, and operational consequence rather than coverage volume. A topic that runs in every outlet but moves no real decisions ranks lower than a niche regulatory filing that reshapes how operators in the cybersecurity space have to behave. Read our full methodology for the scoring rubric, our glossary for term definitions, and our trends index for the longitudinal view across the beat.