Understand the implications of OTCC-1:2022 for your business

Saudi Arabia’s National Cybersecurity Authority recently released the “Cybersecurity Control Document for Operational Systems (OTCC-1:2022)”. This document aims to enable sensitive industrial facilities, critical infrastructure, private companies and government agencies to adopt best practices and standards to ensure safe operations at all times. Specifically, (OTCC-1:2022) has been developed to increase the level of cyber protection afforded to OT/ICS environments in light of the increase in attacks against OT and OT-related infrastructure and networks.

OTCC-1: 2022 by NCA

What should you watch out for in NCA’s OTCC-1:2022?

According to the authority, the document outlines approved controls for operational systems to help them align with cyber risk reduction for technology-enabled operational systems. The document aims to raise the bar on cybersecurity to ensure that relevant companies and entities apply and follow minimum requirements for protection by extending basic cybersecurity controls to improve risk management.

Cybersecurity Live - Boston

In accordance with the accompanying mandate issued by the NCA, these controls are to be implemented as an extension of the NCA’s Essential Cybersecurity Controls (ECC-1:2018) previously published. The term Industrial Control Systems (ICS) includes all devices, systems or networks used to operate and/or automate industrial processes.

The issuance of these checks falls within the authority’s mandate to establish policies, governance mechanisms, frameworks, standards, controls and guidelines related to cyber security in the Kingdom and based on its role in the regulation and protection of cyberspace, and seeking to promote and protect sensitive national interests and infrastructures by strengthening the cybersecurity of operational systems at the national level.

To comply with the requirements suggested by the document, companies and agencies must:

  • Increase the base level of protection afforded to OT systems
  • Invest in the continuous improvement of security measures
  • Review risk management measures to align them with emerging cyber threats
  • Expand the scope of basic security controls as an extension of point 1
  • Identify security vulnerabilities and work to close them to improve the overall security posture

Implications of OTCC-1:2022 for your business

OTCC-1:2022 has multiple implications for your business. From the data layer through to cloud entry, underlying controls, first response mechanisms and safeguards, a streamlined effort is required to comply with this mandate and to ensure your exposure to the institutional risk.

Sectrio is a leading supplier of IoT, OT, IT cybersecurity solutionsand threat intelligence. Our proven expertise can help your business meet its compliance mandates and infrastructure protection needs.

Sectrio’s cybersecurity experts can help you build a roadmap to comply with this OTCC-1:2022 and to improve your risk management measures to contain and mitigate threats. Speak to our experts now to start your threat assessment and mitigation journey.

Tell us about the simplified approach to OT security which significantly minimizes your exposure to institutional risk.

Worried about not having the right threat intelligence to improve your SecOps? Talk to us to try our threat intelligence feeds for free for the next two weeks.

Take part in the CISO Peer Survey 2022 and make your opinion count now, complete our uniquely designed survey here: CISO Peer Survey 2022

CISO Peer Survey 2022
Get started with the CISO Peer Survey here: Start the survey now!

Book a demo now to see our IT, OT and IoT security solution in action: Request a demo

2022 Threat Landscape Assessment Report
Get the Latest Copy of the OT and IoT Threat Landscape Report

Try our threat intelligence feeds for free for the next two weeks.

Improve your cybersecurity with free OT and IoT-focused threat intelligence feeds for 15 days
Understanding the implications of OTCC-1:2022 for your business – Sectrio

Get free access to enriched IoT-focused cyber threat intelligence for 15 days

*** This is a syndicated blog from the Security Bloggers Network of Sector written by Sector. Read the original post at: https://sectrio.com/understanding-the-implications-of-otcc-1-2022/

Source link