The National Cybersecurity Authority (NCA) is the government entity in charge of cybersecurity in Saudi Arabia, encompassing both regulatory and operational functions related to cybersecurity.
National Cybersecurity Authority Essential Cybersecurity Controls
The NCA works closely with public and private entities to improve the cybersecurity posture of the country in order to safeguard its vital interests, national security, critical infrastructures, high-priority sectors, and government services and activities. The NCA’s Essential Cybersecurity Controls (ECC) take the cybersecurity needs of all organizations and sectors in the Kingdom of Saudi Arabia, meaning that every organization therein must comply.
According to NCA, it has developed the Essential Cybersecurity Controls “after conducting a comprehensive study of multiple national and international cybersecurity frameworks and standards, studying related national decisions, law and regulatory requirements, reviewing and leveraging cybersecurity best practices, analyzing previous cybersecurity incidents and attacks on government and other critical organizations, and surveying and considering opinions of multiple national organizations.”
Fortra’s solution portfolio offers deep coverage for NCA ECC Domains 1 and 2, from cybersecurity awareness to web application security. See the table below to learn how each NCA maps to its corresponding Fortra solution.
ECC Domain | Category | Fortra Solution |
---|---|---|
1-10 |
Cybersecurity Awareness and Training Program
|
Fortra’s Terranova Security provides engaging cybersecurity awareness training to help build a cyber-aware culture. |
2-1 |
Asset Management |
Fortra's Intermapper helps you map and monitor your entire IT environment, providing you the ability to troubleshoot issues proactively. Fortra’s vulnerability management solutions provide a network map with asset visualization to help identify and prioritize vulnerabilities before an attacker does. |
2-2 |
Identity and Access Management (IAM) |
Fortra's Core Security helps you identify and manage access with IAM and privileged access management (PAM) solutions. |
2-3 |
Information System and Processing Facilities Protection |
Fortra's Powertech anti-virus and anti-malware solutions help you manage the evolving cybersecurity threats to Linux, AIX, and IBMi environments. |
2-4 |
Email Protection |
Fortra's Clearswift Secure Email Gateway helps keep your organization safe by monitoring the emails coming into and out of your organization. Fortra’s Agari Phishing Defense and Response detects business email compromise scams by continuously scanning for indicators of compromise. Fortra’s PhishLabs DRP and Agari Brand Protection solutions help stop phishing attacks by automating the process of DMARC email authentication and enforcement. |
2-5 |
Networks Security Management |
Fortra's Clearswift Secure Web Gateway keeps critical data safe by providing complete control over the information that is accessed or shared online. |
2-6 |
Mobile Devices Security |
Fortra's Terranova Security provides engaging cybersecurity awareness training for mobile users. |
2-7 |
Data and Information Protection
|
Fortra's data classification solutions help you identify and classify all your data types. Fortra’s Digital Guardian provides both endpoint and network data loss prevention (DLP) solutions to protect against threats to sensitive information. Fortra’s Vera digital rights management (DRM) solution provides encryption, security and policy management to the data itself, no matter where it goes. Fortra’s Tripwire Enterprise helps monitor the integrity and protect your data by identifying unauthorized changes made in your environment. |
2-8 |
Cryptography |
Fortra's data security solutions help meet a wide variety of encryption needs. |
2-9 |
Backup and Recovery Management |
Fortra's Robot solution allows you to manage IBMi backups from a centralized location. |
2-10 |
Vulnerabilities Management |
Fortra's vulnerability management solutions help you identify and prioritize your security vulnerabilities. |
2-11
|
Penetration Testing |
Fortra's offensive security solutions and services help you proactively pinpoint your greatest cybersecurity risks using the same techniques as the attackers. |
2-12 |
Cybersecurity Event Logs and Monitoring Management |
Fortra's Tripwire LogCenter provided centralized log collection and analysis to be able to quickly respond to threats in your environment. |
2-15 |
Web Application Security |
Fortra's Frontline Web Application Scanning (WAS) solution from Digital Defense helps you identify and report on vulnerabilities in your web applications. Fortra’s Alert Logic Web Application Firewall (WAF) services help block threats against your critical web applications. |