NCA DCC (Data Cybersecurity Controls)
Region
SA (Saudi Arabia)
Focus
Data Protection
Detailed description
The Data Cybersecurity Controls is developed by the NCA as an extension to the Essential Cybersecurity Controls (ECC) to contribute to raising the cybersecurity maturity by setting the minimum cybersecurity requirements to enable organisations to protect their data during its entire data lifecycle. These controls have been developed after conducting a comprehensive study of multiple national and international cybersecurity standards, frameworks and controls, studying related laws and regulations, reviewing cybersecurity best practices and analyzing cybersecurity risks, threats, previous incidents and attacks at the national level.
Key Details
Developed by the Saudi National Cybersecurity Authority (NCA). Focuses on data classification, encryption, storage, and secure data transfers. Emphasises data lifecycle protection and compliance with local and international data protection laws. Encourages secure data access and regular audits.