Guide to Essential Cybersecurity Controls (ECC) Implementation

Image

Guide to Essential Cybersecurity Controls (ECC) Implementation

Type of regulatory document: Guidelines and support tools

 

Overview

National Cybersecurity Authority (NCA) is the government entity in charge of cybersecurity in the Kingdom, and it serves as the national authority on its affairs. NCA is mandated to develop and update policies, governance mechanisms, frameworks, standards, controls and guidelines related to cybersecurity, share them with relevant entities and follow up on their compliance. The purpose of developing Guide to Essential Cybersecurity Controls (ECC) Implementation to enable the targeted entities in implementing ECC requirements that are needed for their compliance and identify relevant cybersecurity tools that are developed by NCA. 
 

What are Essential Cybersecurity Controls

A document that sets the minimum cybersecurity requirements based on best practices and standards to minimize the cybersecurity risks to the information and technical assets of national organizations in the kingdom. The controls are based on 5 main domains <Cybersecurity Governance, Cybersecurity Defense, Cybersecurity Resilience, Third-party and Cloud Computing Cybersecurity and Industrial Control Systems Cybersecurity>. 

About Guide to Essential Cybersecurity Controls (ECC) Implementation

This document was developed after conducting a comprehensive study and analyzed the national information to clarify the control implementation guidelines and relevant cybersecurity tools developed by NCA. This guide was developed based on the information and experiences that NCA collected and analyzed since the publication of the ECC and is aligned with cybersecurity best practices to facilitate the implementation of the controls across national organizations.

Goals 

  • Enable national organizations in implementing ECC requirements that are needed for their compliance with the ECC.
  • Reduce cybersecurity risk in national organizations that arise from internal and external cyber threats.
  • Strength the cybersecurity posture.

The Guidelines Includes

  • Control implementation guidelines.
  • Relevant cybersecurity tools.
  • Expected deliverables after implementing cybersecurity controls.

Targets Audience 

  • Government entities including (ministries, authorities, establishments, and others) and their companies and entities. 
  • Private sector organizations owning, operating, or hosting Critical National Infrastructures (CNIs).
  • Other entities in the Kingdom. 

 

To View  «Guide to Essential Cybersecurity Controls (ECC) Implementation»