Al Hosn Information Security Consultancy

Al Hosn is an Emirati-bred cybersecurity firm focused on contributing to the protection of the UAE from
Cybersecurity threats by working diligently to enhance the cyber preparedness of key national entities.

We provide consultancy focusing on cyber risks management and security awareness. Our services are
designed to help Critical Information Infrastructure (CII) operators protect their critical information assets, and
services.

We take pride in being a partner to key critical infrastructure operators that assists them with implementing
the necessary security controls, governing them, and complying with national standards.

Over the past two years, Al Hosn has garnered attention with a number of key government sector entities due
the unique model it adopts - combining international best practice with regional and sector experience in the
cyber security space, while ensuring they provide the necessary NESA/ADSIC(UAE) based Consultation and
Assessments. Al Hosn works with organizations on defining their RISK, THREATS and supporting them in
understanding and adhering to CAPSTONE POLICIES.

 We have a full understanding of NESA’s/ADSIC regulatory requirements and standards to achieve

quick and tangible compliance results.
 We adopt the industry’s standard risk-based approach and combine it with our trademark customized
security services for each critical sector and CII entity.
 We have specialized subject matter experts to mitigate both Operation Technologies (OT) and
Information Technologies (IT) cyber risks.

Besides the governance element, Al Hosn understands the importance of the human element and the critical
role it plays in the resilience of any organization against cyber-threat. Al Hosn adopts a best-in-practice
methodology to deliver awareness campaigns tailored to each unique client’s needs. In doing this, we adopt a
pragmatic approach to our awareness journey with each organization by designing realistic programs that take
into consideration their budget concerns, other operational priorities, approvals, resource optimization and
time management.

Among our prestigious roster of clients, Al Hosn has most recently delivered specialized awareness campaigns
to critical entities across the oil and gas, utilities, and banking sectors.

Our Services
Cybersecurity Risk Assessments

Information Security Risk Assessment is a key step for entities to understand their
security gaps and vulnerabilities in their journey towards a mature security posture.

Al Hosn helps Critical Information Infrastructure (CII) entities identify their security gaps and vulnerabilities
available in the policies & processes, systems and devices, and resources.

Our highly-qualified consultants adopt different risk management methodologies including NESA National
Risk Management Framework (NCRMF) to determine gaps against UAE IA Controls and develop Risks
Mitigations Plans.

We have successfully completed various risk assessments for clients within the Oil & Gas and Utilities sectors
that resulted in effective and clear understanding of their risks types, levels and mitigation options.
We typically complete the service with the following deliverables:

 Entity Risk Assessment Management Framework

 Risk Management Report
 Risk Mitigation Plan
 Information Security Roadmap

Types of Risk Assessments

Information Technology (IT) Risk Assessment

We offer enterprise IT security risk assessment that covers the core systems & applications, data network
infrastructure, Policies & Processes, and physical security.

Operational Technologies (OT) Risk Assessment

This core service of Industrial Security System (ICS) security risk assessment is offered to CII Operators in the
Oil & Gas, Utilities, and Healthcare sectors. It is conducted with thorough understanding of the operating
environment and the cyber security of mission critical DCS and SCADA systems.

A number of clients have already benefited form an effective ICS risk assessment service delivered by our
consultants who have access to rich ICS threat intelligence database and come with the knowledge of the local
and international security controls to mitigate them.

Compliance to Local and International InfoSec Standards

Complying to local or international security standards strengthen the protection of

organization cyber assets to reducing risks level and prevent threat manifestation.

Al Hosn helps organizations comply to local security standards like NESA Information Assurance (IA) Controls
and international standards like ISO 27001:2013 by designing the relevant ISMS program an provide guidance
in the most effective way to implementing based on business priorities and risk appetite.

We typically complete the service with the following deliverables:

 Information Security Management System (ISMS)

 Security Policies and Processes
 Governance Risk and Compliance (GRC) framework
 Internal audit document
 ISO 27001 Certificate from the certification body

Training and Awareness

To safeguard against ever-increasing risk exposure to modern organizations their

management, professional staff, and End Users need to be thoroughly familiarized with
the level and propensity of threats that exists in their operating environment.

The awareness training sessions that Al Hosn delivers are intended to address this critical business risk which is
specifically related to inadequate OT and IT security awareness within most organizations.

To ensure the quality and coverage of the training and do an effectively increase the level of awareness, we
have partnered with the industry leaders for this region.
We offer the following services under this domain:

 Role-based Instructor-led awareness targeting senior management, professional OT and IT staff

 General security awareness of all staff using very effective Computer Based Training
 Most up-to-date security topics are covered in short modules to provide an entertaining e-learning
experience
 Assessments using very effective tools to measure level of awareness of the participants before
and after the sessions

Our Clients

Oil and Gas Clients

Al Hosn was commissioned to carry out several Risk Assessments of different critical sites in different verticals
within the ADNOC group of companies as well as large scale awareness project for a prestigious local oil and
gas entity. The projects covered both Information Technologies and Operation Technologies domains leading
to develop information security risks mitigation plan and security roadmap and compliance to NESA
standards.

Utilities Clients
Al Hosn was awarded contracts by prestigious local and federal utilities companies to deliver risk
assessments, develop information security risks mitigation plan and security roadmap for compliance to local
and international standards.

Banking Clients
Al Hosn was commissioned by a top national bank to implement a CBT cybersecurity awareness campaign.
This was customized to the client’s needs to ensure relevant topics, awareness cycles, and tracking and
monitoring of progress per department. Efforts were targeted at to address the latest threats in the
cybersecurity sphere through a number of pre-defined modules with varying levels of difficulty. Al Hosn
provides on demand support where required, and ongoing counsel.

Our Contact Details

Telephone No.: 02-642-5150
Fax No.: 02-642-5855
Email Address: info@alhosninfosec.com
Address: P.O. Box 128441, Abu Dhabi, United Arab Emirates

####
Company Trade License
Commercial License ‫ﺭﺧﺼﺔ ﺗﺠﺎﺭﻳﺔ‬
License No : CN-1907394 : ‫ﺭﻗﻢ ﺍﻟﺮﺧﺼﺔ‬

ADCCI No : 332041 : ‫ﻋﻀﻮﻳﺔ ﺍﻟﻐﺮﻓﺔ‬

Establishment Card : 841221 : ‫ﺑﻄﺎﻗﺔ ﺍﻟﻤﻨﺸﺄﺓ‬

MOHRE ‫ﻭﺯﺍﺭﺓ ﺍﻟﻤﻮﺍﺭﺩ ﺍﻟﺒﺸﺮﻳﺔ ﻭﺍﻟﺘﻮﻃﻴﻦ‬
Legal Form : Establishment ‫ ﻣﺆﺳﺴﺔ ﻓﺮﺩﻳﺔ‬: ‫ﺍﻟﺸﻜﻞ ﺍﻟﻘﺎﻧﻮﻧﻲ‬
‫ ﺍﻟﺤﺼﻦ ﻻﺳﺘﺸﺎﺭﺍﺕ ﺍﻣﻦ ﺍﻟﻤﻌﻠﻮﻣﺎﺕ‬: ‫ﺍﻹﺳﻢ ﺍﻟﺘﺠﺎﺭﻱ‬

Trade Name : Al Hosn Information Security Consultancy

Establishment Date : 13/01/2015 : ‫ﺗﺎﺭﻳﺦ ﺗﺄﺳﻴﺲ ﺍﻟﻤﻨﺸﺄﺓ‬
Issue Date : 11/02/2018 : ‫ﺗﺎﺭﻳﺦ ﺍﻹﺻﺪﺍﺭ‬
Expiry Date : 10/02/2019 : ‫ﺗﺎﺭﻳﺦ ﺍﻹﻧﺘﻬﺎﺀ‬

‫ﺍﻟﺼﻠﺔ‬ ‫ﺍﻟﺠﻨﺴﻴﺔ‬ ‫ ﺍﻟﺸﺮﻛﺎﺀ‬/ ‫ﺍﻟﻤﻼﻙ‬ ‫ﺍﻟﺮﻣﺰ‬

Role Nationality Owners / Partners No.
‫ﻣﺎﻟﻚ‬ ‫ﺍﻹﻣﺎﺭﺍﺕ ﺍﻟﻌﺮﺑﻴﺔ ﺍﻟﻤﺘﺤﺪﺓ‬ ‫ﺳﻌﻮﺩ ﺣﻤﺪ ﺳﻌﻴﺪ ﻧﺎﺻﺮ ﺍﻟﺠﻨﻴﺒﻲ‬ 20041507
Owner United Arab Emirates --
Commercial Activities : : ‫ﺍﻷﻧﺸﻄﺔ ﺍﻟﺘﺠﺎﺭﻳﺔ‬
- Security Systems Consultancy ‫ ﺍﺳﺘﺸﺎﺭﺍﺕ ﻓﻲ ﻣﺠﺎﻝ ﺍﻻﻧﻈﻤﺔ ﺍﻻﻣﻨﻴﺔ‬-
- Onshore And Offshore Oil And Gas Fields And Facilities Services ‫ ﺧﺪﻣﺎﺕ ﺣﻘﻮﻝ ﻭﻣﻨﺸﺄﺕ ﺍﻟﻨﻔﻂ ﻭﺍﻟﻐﺎﺯ ﺍﻟﺒﺮﻳﺔ ﻭﺍﻟﺒﺤﺮﻳﺔ‬-
Address : ‫ ﺣﻤﻴﺪ ﺳﻌﻴﺪ ﻋﺎﻣﺮ ﺣﻤﺪ ﺍﻟﻨﻴﺎﺩﻱ‬/‫ ﺍﻟﻤﺎﻟﻚ‬,‫ ﻭﺣﺪﺓ‬,602‫ ﻣﻜﺘﺐ‬- 6‫ ﻁ‬- C29‫ ﻕ‬- 14_2‫ ﻏﺮﺏ‬- ‫ ﺷﺎﺭﻉ ﺍﻟﻤﻄﺎﺭ‬,‫ ﺟﺰﻳﺮﺓ ﺃﺑﻮﻇﺒﻲ‬: ‫ﺍﻟﻌﻨﻮﺍﻥ‬

‫ ﺑﺄﻥ ﺍﻟﻤﻨﺸﺄﺓ ﺍﻟﻤﺬﻛﻮﺭﺓ ﺃﻋﻼﻩ ﻗﺪ ﺳﺠﻠﺖ ﻟﺪﻳﻨﺎ‬2005 ‫ ﻟﻌﺎﻡ‬27 ‫ﺗﺸﻬﺪ ﻏﺮﻓﺔ ﺃﺑﻮﻇﺒﻲ ﺑﻤﻮﺟﺐ ﺍﻟﻘﺎﻧﻮﻥ ﺭﻗﻢ‬
Abu Dhabi Chamber certifies that the above mentioned establishment has been registered in accordance with the law No.27 of 2005
http://www.ded.abudhabi.ae ‫ ﻟﻠﺘﺤﻘﻖ ﻣﻦ ﺻﺤﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺍﻟﻮﺍﺭﺩﺓ ﻓﻲ ﺍﻟﺮﺧﺼﺔ ﺑﺮﺟﺎﺀ ﺯﻳﺎﺭﺓ ﺍﻟﻤﻮﻗﻊ‬.‫ ﺃﺑﻮﻇﺒﻲ‬- ‫ﻭﺛﻴﻘﺔ ﻣﻌﺘﻤﺪﺓ ﻭﺻﺎﺩﺭﺓ ﺑﺪﻭﻥ ﺗﻮﻗﻴﻊ ﺃﻭ ﺧﺘﻢ ﻣﻦ ﺩﺍﺋﺮﺓ ﺍﻟﺘﻨﻤﻴﺔ ﺍﻹﻗﺘﺼﺎﺩﻳﺔ‬
Approved document issued without signature or stamp by the Department of Economic Development - Abu Dhabi. To verify the
license kindly visit http://www.ded.abudhabi.ae
This Document is Considered As Commercial Register ‫ﺗﻌﺘﺒﺮ ﻫﺬﻩ ﺍﻟﻮﺛﻴﻘﺔ ﺑﻤﺜﺎﺑﺔ ﺳﺠﻞ ﺗﺠﺎﺭﻱ‬

*CR-2487420*
http://ded.abudhabi.ae
Abu Dhabi Chamber of Commerce &
Industry (ADCCI) Certificate
Signatory Page
ISO Certificates
 ISO 9001:2008
Quality Management Systems
 ISO 14001:2004
Environmental Management Systems
 OHSAS 18001:2007
Occupational Health and Safety
Management Systems