Description

Adopted Telework Cybersecurity Controls

In 2021, the National Cybersecurity Authority (NCA) adopted the Telework Cybersecurity Controls (TCC-1: 2021). The TCC applies to remote work activities by employees of government organisations and private organisations operating Critical National Infrastructure. The Essential Cybersecurity Controls (ECC) are extended in order to adapt to the cybersecurity needs of remote work. The TCC comprises three principal domains, namely Cybersecurity Governance, Cybersecurity Defence and Third-Party/Cloud Computing Cybersecurity, each of which is further subdivided into specific subdomains. The key governance controls include the documentation of cybersecurity policies, the conduct of risk assessments, and the provision of training on secure telework practices. The cybersecurity defence controls place particular emphasis on asset management, access management, system protection, network security and incident response. Furthermore, the TCC delineates the requisite controls for mobile device security, cryptography, backup, vulnerability management, and penetration testing. The third-party controls stipulate that telework systems hosted on external servers must comply with the cybersecurity standards that are in place in Saudi Arabia.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
infrastructure provider: internet and telecom services, infrastructure provider: cloud computing, storage and databases, infrastructure provider: network hardware and equipment, infrastructure provider: other
Implementation Level
national
Government Branch
executive
Government Body
other regulatory body

Complete timeline of this policy change

Hide details
2021-01-01
adopted

In 2021, the National Cybersecurity Authority (NCA) adopted the Telework Cybersecurity Controls (TC…

We use cookies and other technologies to perform analytics on our website. By opting in, you consent to the use by us and our third-party partners of cookies and data gathered from your use of our platform. See our Privacy Policy to learn more about the use of data and your rights.