For the Kingdom of Saudi Arabia, the controls required in its Essential Cybersecurity Controls (ECC-2) are more than an essential strategic response to evolving cyber threats. In elevating cybersecurity across national organizations, both public and private, the ECC underpins the secure, resilient, and technologically advanced future outlined in the nation’s Vision 2030 initiative.
The ECC-2 provides comprehensive guidance for application of standards-driven cybersecurity practices across five domains: governance, defense, resilience, third-party and cloud computing security, and industrial control systems.
Across all these domains, identity systems provide access and authentication controls for the most critical business systems.
What’s inside
- The emerging threat landscape: Learn why identity systems such as Active Directory, Entra ID, and Okta are primary targets for cyber criminals.
- Cybersecurity governance: Understand how to gain visibility into complex identity infrastructure and achieve the accountability required for ECC compliance.
- Cybersecurity defense: Review measures that will enhance identity system hygiene, Zero Trust initiatives, and identity threat detection and response (ITDR).
- Cybersecurity resilience: Proactively establish programs and controls to ensure business continuity, including detailed incident response planning, preparation, testing, and continuous improvement.
- Identity and access management: Establish strong controls over who has access to your systems, how they get in, and what they can do.
- Third-party and cloud computing cybersecurity: Build end-to-end supply chain resilience by extending required controls across third-party suppliers and vendors operating in a modern hybrid environment.
Improve control of your organization’s identity security posture—and move confidently to ECC-2 compliance.
