framework

Essential Cybersecurity Controls (ECC-2: 2024)

Issuing bodyNCA
CountrySaudi Arabia
RegionNational
Date issued2024
cybersecurityrisk managementcompliance

The Essential Cybersecurity Controls (ECC-2: 2024) framework, issued by the National Cybersecurity Authority (NCA) of Saudi Arabia, provides a set of cybersecurity controls. It aims to protect organizations from cyber threats and ensure compliance with national cybersecurity standards. The Arabic version of the document is the binding language.

Key requirements
  • Implement cybersecurity controls in accordance with the laws of the Kingdom of Saudi Arabia.
  • Adhere to the Traffic Light Protocol (TLP) for sharing sensitive data.
  • Implement the updated version of ECC as per the cybersecurity requirements and related industry updates.
Applies to: Organizations operating within the Kingdom of Saudi Arabia
View original document ↗Ask GCC LexAI about this →
More from NCA
Cloud Cybersecurity Controls (CCC-2: 2024)Cloud Cybersecurity Controls Implementation Guide for CSPsCloud Cybersecurity Controls Implementation Guide for CSTsCritical Systems Cybersecurity Controls (CSCC-1: 2019)Critical Systems Cybersecurity Controls Implementation GuidelinesData Cybersecurity Controls (DCC-1: 2022)
AI-generated summaries only. Arabic originals are legally binding. This is not legal advice. · ← All documents