Saudi Arabia: Opened consultation on NCA amendments to Basic Cybersecurity Controls (ECC-2:2024)

On 30 September 2024, the National Cybersecurity Authority (NCA) opened a public consultation on proposed amendments to the Basic Cybersecurity Controls until 15 October 2024. The amendments aim to update the minimum basic requirements for cybersecurity across all sectors, focusing on the core protection objectives of confidentiality, integrity, and availability. Specifically, the amendments outline security obligations across four domains: cybersecurity governance, cybersecurity defence, cybersecurity resilience, and cybersecurity related to third-party and cloud computing services.