UAE prepares for the post-quantum era with the National Encryption Policy

The UAE approved the National Encryption Policy and released its executive regulation, marking a significant move toward reinforcing the country’s digital infrastructure and advancing the transition to post-quantum cryptography.

According to the new policy, government agencies must now create clear, officially sanctioned plans that outline how they will shift from traditional encryption approaches to quantum-resilient standards.

The policy is designed to support a more secure, technologically prepared future as quantum computing capabilities continue to advance rapidly.

Under this policy, the UAE Cybersecurity Council will supervise national migration efforts, coordinating with government organizations to ensure the effective adoption of post-quantum encryption standards.

The Council’s work will prioritize enhancing data protection and securing digital assets in line with global best practices.

The UAE is developing broad national strategies to elevate readiness for emerging cybersecurity threats. The UAE Cybersecurity Council defines the procedures and standards needed for successful implementation and submits its recommendations to the National Security Advisor for approval.

The Council will develop methods to reduce the risks posed by quantum computing to systems reliant on outdated or weak cryptographic techniques. It will prepare migration strategies for sensitive systems, perform analytical and technical evaluations, and assist both public and private organizations in reviewing the integrity and readiness of digital systems before large-scale rollout.

These evaluations cover the quality, efficiency, and preparedness of AI systems, hardware, software, and other technical components to ensure they meet national and international benchmarks.

This process helps institutions secure technical accreditation and validate their solutions with confidence. To strengthen security further, the Council’s services are organized around four key testing and verification areas:

• AI reliability testing
• Software reliability testing
• Hardware reliability testing
• Signal reliability testing

These pillars ensure that digital systems, applications, and critical infrastructure can withstand new threats and meet the UAE’s cybersecurity standards.