Assisting your Enterprise to comply with the Kingdom’s Regulations
HIDE Consultants can assist your organizations to implement the Kingdom’s local regulations like NCA’s ECC (Essential Cybersecurity Controls), Cloud Cybersecurity controls and the SAMA framework for Cybersecurity.
The National Cybersecurity Authority “NCA” has developed the Essential Cybersecurity Controls (ECC – 1: 2018) to set the minimum cybersecurity requirements based on best practices and standards to minimize the cybersecurity risks to the information and technical assets of organizations that originate from internal and external threats.
The Essential Cybersecurity Controls consist of 114 main controls, divided into five main domains:
The Essential Cybersecurity Controls are mandatory where all organizations, within the scope of these controls must implement whatever necessary to ensure continuous compliance with the controls.
The Saudi Arabian Monetary Authority (SAMA) established a Cyber Security Framework (“the Framework”) to enable Financial Institutions regulated by SAMA (“the Member Organizations”) to effectively identify and address risks related to cyber security. To maintain the protection of information assets and online services, the Member Organizations must adopt the Framework.
The objective of the Framework is as follows:
The Framework will be used to periodically assess the maturity level and evaluate the effectiveness of the cyber security controls at Member Organizations, and to compare these with other Member Organizations.
The Framework is based on the SAMA requirements and industry cyber security standards, such as NIST, ISF, ISO, BASEL and PCI.
HIDE Consultants will assist your organizations in building a ‘Unified Control Framework’ that is a toolkit to ensure all relevant controls are documented and measured against going forward. The UCF will contain the following domains: