Complying with the ECC and DCC of the National Cybersecurity Authority (NCA)
With the digital transformation and easy access and sharing of data, protecting personal data is becoming challenging.
The Kingdom of Saudi Arabia is striving towards a new era under the National Vision 2030 to improve government effectiveness and transparency, develop economic diversification with digital and data, and participate in the global economy based on public trust and international partnerships.
The ECC and DCC of the National Cybersecurity Authority
The National Cybersecurity Authority (NCA) has developed a set of essential cybersecurity controls (ECC-1: 2018) for all organizations to implement. These practices were derived from the NCA's review and consideration of multiple national frameworks, standards, and international experiences. The NCA also surveyed opinions from various organizations about how best practices should work in this area to be better protected against future attacks.
In continuation of its role in regulating and protecting the Kingdom's cyberspace, NCA has issued the Data Cybersecurity Controls (DCC-1:2022). These controls are designed based on comprehensive research of multiple national and international cybersecurity standards, frameworks, and controls.
Three Reasons Why Data-Centric Security Helps Comply with the ECC and DCC of the National Cybersecurity Authority
CONTROL WHO & WHAT
Control who can use the information and to what extent
Revoke access to information - whether it is inside or outside the organization - whenever you deem necessary
TRACK AND AUDIT
Track the use of information wherever it travels and automatically generate reports consisting of details such as the devices and IP addresses that use the information