NCSRL is the backbone for QCRI’s collaboration with government agencies and stakeholders to build and tailor cyber security solutions for the nation. It is composed of a secure data lab for sensitive data sharing and analysis, a national security operation center for local stakeholders to assess their security postures, and a cyber range to accommodate national cyber security training. NCSRL has already carried out key responsibilities in the cyber security training of close to 600 employees of ministries and local organizations.
National Cyber Security Research Lab
Description, Goals, and Focus
The NCSRL was established as a joint collaboration between QCRI and the Ministry of Interior (MOI) and later endorsed by the newly established National Cyber Security Agency (NCSA). NCSA was established under the Amiri Decision No.1 of 2021 as the sole government entity responsible for implementing and overseeing issues associated with national cyber risks and threats, enhancing readiness and resilience against cyber crises, and protecting vital infrastructure, as well as other duties. Through NCSRL, QCRI has been working as the research arm first of MOI and now of NCSA. The NCSRL supports the national initiatives to protect the digital borders and to maintain a safe cyber space for Qatar by advancing and tailoring the state-of-the-art cyber defenses to national needs, providing defense and vulnerability analysis consultancy services, and providing comprehensive cyber security awareness and training programs. NCSRL achieves this by bringing together researchers from academic and research institutes and practitioners, and operators from government and industry.
NCSRL comprises the following three main units:
- Secure Data Lab. The lab is built of a unique infrastructure of high-end servers and networks with top physical (biometric access) and digital security measures (air-gapped and isolated from the external world). Such strict measures ensure a trusted and private environment to store and analyze the sensitive data shared by the ministries and different government entities. The lab currently hosts logs from three ministries including the ministry of public health (MOPH), ministry of justice (MOJ), and ministry of energy and industry (MEI).
- National Security Operations Center. It provides a dedicated security analytics platform for ministries to access their logs, explore their security vulnerabilities, and provide feedback on the solutions developed to mitigate problems. This unit will be utilized by the ministries and public stakeholders in Qatar, especially those who may not have the proper human and technology resources to address their cyber security needs.
- National Cyber Range. A cyber range is a controlled computing environment for training, testing, and validating security solutions. The cyber range aims at building local capacity in cyber security professionals and practitioners as well as providing training programs for school and university students. The cyber range also helps ministries and national stakeholders to uncover their security vulnerabilities by providing comprehensive security assessment and evaluation of infrastructure, process, and people through large scale emulations. Finally, the cyber range helps to test and validate new cyber security technologies before deployment, as well as providing a safe and controlled environment for researchers to study the impact of different cyber threats and attacks and the effectiveness of their developed solutions. The cyber range will be critical in helping ministries assess the resilience of their digital infrastructure.
NCSRL acts as the backbone for the collaboration with government agencies and stakeholders to build capacity and develop cyber security solutions tailored to the local needs. We are the first entity to sign an MOU with the NCSA. The NCSA leadership emphasized in our many engagements with them that they consider our cyber range as “the National” cyber range and they are keen to collaborate and utilize it for all their relevant activities. This collaboration is already put into practice since the cyber range has already served as the training platform for the latest NCSA training program. Nearly 600 employees with diverse backgrounds from over 90 ministries and local organizations in Qatar had cyber training sessions at the cyber range as part of the Cybercrime Training Prevention Program launched by the NCSA. Moreover, the NCSA solicited NCSRL to partner in conducting the coming “National Initiative for Digital Safety”, “Watan Exercise”, and the next phase of the “National Cybersecurity Training Program.”
NCSRL and QCRI in general collaborate to conduct research that is aligned with real-world needs. This alignment ensures interest in our work, and acknowledgment of the skill set we bring, particularly from the ministries, and that is what eventually led to the formation of NCSRL. Examples of technologies developed by QCRI to support the collaboration with the NCSA include: (1) Cyber intelligence generation of malicious entities (URLs, IPs, Ransomware, Phishing, Spam, etc.), (2) defending against misinformation and fake news, and (3) fighting e-crime conducted through cryptocurrency.
- Revenue generation. The unique infrastructure, the high-quality skill set, and the close collaboration with the NCSA and other government entities gives the NCSRL a highly competitive advantage with high potential for revenue generation through its training programs, consultancy services, and novel national-tailored defensive solutions. Such professional operations of the NCSRL requires it to be properly staffed with the risk of losing business and jeopardizing our competitive advantage otherwise.