In its Vision 2030 development plan, Saudi Arabia included a National Transformation Program whose purpose is to diversify the Kingdom’s income away from the oil industry. One of the core tenets of that program is to enable the growth of the private sector by developing the digital economy. Specifically, Saudi Arabia set out its intention to increase the contribution of the digital economy that’s non-oil GDP from 2% to 3% by 2030. The Kingdom made clear that this process must involve partnering with private actors to develop more telecommunications/IT infrastructure along with supporting local investment in those sectors.
The Kingdom also recognized that it must take appropriate security measures to secure this process. As stated in a document published on its website:
This transformation requires easing the flow of information, securing it and preserving the integrity of all systems. It also requires maintaining and supporting the cybersecurity of the Kingdom in order to protect its vital interests, national security, critical infrastructures, high priority sectors and governmental services and practices.
Acknowledging these tasks, Saudi Arabia created the National Cybersecurity Authority (NCA) as well as approved the government entity’s mandate to develop national digital security policies by royal decree. The NCA acted upon this directive by developing the Essential Cybersecurity Controls (ECC), measures which constitute the minimum security requirements for in-scope national organizations. As such, compliance with ECC is mandatory for those entities.
So, how can organizations ensure compliance with ECC?
To answer that question, this blog post will first examine the five domains of ECC. It will then explain how Tripwire Enterprise can assist organizations in achieving compliance with the Controls’ domains using foundational controls for security, compliance and IT operations.
Inside the Essential Cybersecurity Controls
The NCA created the Essential Cybersecurity Controls in 2018 to help government organizations as (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Ehab Nour. Read the original post at: https://www.tripwire.com/state-of-security/featured/national-cybersecurity-authority/