JEDDAH: The National Cybersecurity Authority (NCA) issued its Cloud Cybersecurity Controls document, it announced on Thursday.
The controls aim to reinforce the reliability of cloud services by providing security against various threats and to support the continuity of services to users.
The NCA is responsible for issuing, monitoring, and updating the Kingdom’s cybersecurity policies and standards.
The document was developed after extensive research into global cybersecurity standards, practices frameworks and controls, the NCA said in its statement.
The document consists of 37 main controls and 96 subcontrols for cloud-service providers, as well as 18 main controls and 26 subcontrols for cloud-service tenants.
The NCA also announced its cybersecurity cloud controls methodology and mapping annex document, which explains the design principles and structure of the cybersecurity cloud controls, and lays out their relation to international standards.
The new document is an extension of other controls issued by NCA, including its Essential Cybersecurity Controls and Critical Systems Cybersecurity Controls.
The authority stressed that by implementing these controls, users will be protecting national security and the Kingdom’s critical infrastructure.