Complying with the ECC and DCC of the National Cybersecurity Authority (NCA)

With the digital transformation and easy access and sharing of data, protecting personal data is becoming challenging.

The Kingdom of Saudi Arabia is striving towards a new era under the National Vision 2030 to improve government effectiveness and transparency, develop economic diversification with digital and data, and participate in the global economy based on public trust and international partnerships.

The ECC and DCC of the National Cybersecurity Authority

The National Cybersecurity Authority (NCA) has developed a set of essential cybersecurity controls (ECC-1: 2018) for all organizations to implement. These practices were derived from the NCA's review and consideration of multiple national frameworks, standards, and international experiences. The NCA also surveyed opinions from various organizations about how best practices should work in this area to be better protected against future attacks.

In continuation of its role in regulating and protecting the Kingdom's cyberspace, NCA has issued the Data Cybersecurity Controls (DCC-1:2022). These controls are designed based on comprehensive research of multiple national and international cybersecurity standards, frameworks, and controls.

National Cybersecurity Authority Whitepaper

Three Reasons Why Data-Centric Security Helps Comply with the ECC and DCC of the National Cybersecurity Authority


Control who can use the information and to what extent


Revoke access to information - whether it is inside or outside the organization - whenever you deem necessary


Track the use of information wherever it travels and automatically generate reports consisting of details such as the devices and IP addresses that use the information

Infographic: Data Breaches in the Middle East
Download this infographic to learn more about data breaches affecting the Middle East region.
Whitepaper: Complying with the SDAIA Regulations
Download this whitepaper to learn how Seclore can help the entities handling personal data comply with specific sections of the Interim guidelines for comprehensive data governance on their critical data.
Infographic: Incoming Data Protection
Download this infographic to learn more about the importance of protecting incoming data shared by third parties.