With the preparation to host the FIFA World Cup in 2022, Qatar has issued a framework which makes
cybersecurity and privacy top priority. This framework is aimed at a national level for all
governmental and critical sectors, businesses and institutions which should implement it and adopt it
The design of Qatar 2022 Cyber Security Framework (CSF) is attempting to take a capability-based
approach which is a fit for purpose. It considers security risks identified by the entities as a
result of risk management and use it to scope world cup services and associated systems.
Qatar Privacy Law:
HH the Emir Sheikh Tamim bin Hamad al-Thani on Thursday (November 13) issued Law No 13 of 2016 on
protecting personal data. According the law, businesses are now banned from sending direct marketing
messages electronically without obtaining an individual’s prior consent. According to the law,
organizations must adhere to basic data protection responsibilities. It also includes articles that
require consent from individuals before their personal information can be used by an organization.
According to Article 17, the owner or operator of any website related to children must put up a policy
about how it manages the information of minors.
National ICS Security Standard:
The national ICS security baseline standard provides the minimum controls that needs to be
incorporated or addressed for any ICS system that has been determined to be critical.