Qatar is one of the wealthiest countries in the world. Finances Online, Global Finance Magazine and others consider it to be the wealthiest nation. This is because the country has a small population of under 3 million but relies on oil for the majority of its exports and Gross Domestic Product (GDP). These two factors helped to push the country’s GDP measured at purchasing power parity (PPP) to over 132,886, per Global Finance Magazine’s findings in August 2020.
Such wealth constitutes abundant opportunities for growth, including in the mind of Qatar’s General Secretariat for Development Planning all the way back in 2008. That’s why the agency decided to publish the National Vision 2030. This strategy sets out the aim to make Qatar into an advanced society by pursuing social, human, economic and environmental development.
To achieve the National Vision 2030 in full, Qatar’s Ministry of Transport and Communication (MOTC) recognized the need to secure the information flowing through the country’s information and communications technology (ICT). MOTC responded by creating the National Information Assurance (NIA) Policy. The document both defines a governance policy as well as elucidates policies and procedures that Qatari government agencies can use to safeguard ICT data flows, thereby providing those entities with a baseline for ensuring secure communications.
So, how can organizations ensure compliance with the NIA Policy?
To answer that question, this blog post will first examine how organizations can accurately classify their IT processes under the NIA Policy. It will then explain some of the security controls recommended by the MOTC that organizations can use to safeguard their processes. Finally, it will discuss how to use Tripwire Enterprise to remain compliant with the NIA Policy.
MOTC specifies that in-scope agencies can classify (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Amarjit Kalsi. Read the original post at: https://www.tripwire.com/state-of-security/featured/achieving-compliance-qatars-national-information-assurance-policy/
Vaguely relevant but very cyber image from Dall-EOne pattern I spotted after looking at the evolution of IT and security organizations…
The takedown this week of a massive phishing-as-a-service (PhaaS) operation spanned law enforcement agencies from both sides of the Atlantic…
Security operations centers (SOCs) are the front lines in the battle against cyber threats. They use a diverse array of…
Authors/Presenters: *Sina Sajadmanesh, Ali Shahin Shamsabadi, Aurélien Bellet, Daniel Gatica-Perez* Many thanks to USENIX for publishing their outstanding USENIX Security…
FBI, CISA, EC3, and NCSC-NL issued an urgent advisory highlighting the use of new TTPs and IOCs by the Akira…
The newest version of the European Union Network and Information Systems directive, or NIS2, came into force in January 2023.…