CybersecurityControl set

DCC-1:2022

Data Cybersecurity Controls

The Data Cybersecurity Controls (DCC-1:2022) establish minimum cybersecurity requirements to protect data throughout its lifecycle. Issued by the Saudi National Cybersecurity Authority, the controls build on existing cybersecurity frameworks to enhance the Kingdom's overall cybersecurity maturity.

Overview

The Data Cybersecurity Controls (DCC-1:2022) were developed by the Saudi National Cybersecurity Authority after analyzing national and international cybersecurity frameworks, related laws, and best practices. These controls aim to mitigate cybersecurity risks, threats, and incidents by setting baseline requirements for safeguarding data in every stage of its lifecycle. The DCC serves as an extension to the Essential Cybersecurity Controls (ECC), and includes objectives, scope, compliance and monitoring details. It is designed to raise cybersecurity maturity across organizations in Saudi Arabia.

Related in Cybersecurity

CybersecurityFrameworkStandard

CCM v4.1 β€” Cloud Controls Matrix v4.1

The Cloud Controls Matrix (CCM) v4.1 is a cybersecurity control framework that consists of 207 controls across 17 security domains, specifically tailored for cloud security and privacy. The Consensus Assessment Initiative Questionnaire (CAIQ) accompanies the CCM, offering a set of assessment questions to evaluate security controls.

Cloud Security Alliance (CSA) β€’ v4.1

View details
CybersecurityStandard

SOC-CMM β€” SOC-CMM Assessment Tool

The SOC-CMM model is a capability maturity model that can be used to perform a self-assessment of your Security Operations Center (SOC). The model is based on review conducted on literature regarding SOC setup and existing SOC models as well as literature on specific elements within a SOC. The literature analysis was then validated by questioning several Security Operations Centers in different sectors and on different maturity levels to determine which elements were actually in place. The output from the survey, combined with the initial analysis is the basis for this self-assessment. For more information regarding the scientific background and the literature used to create the SOC-CMM self-assessment tool, please refer to the thesis document as available through: https://www.soc-cmm.com/

SOC-CMM

View details
CybersecurityRegulation

EU Digital Services Act β€” Regulation (EU) 2022/2065 - EU Digital Services Act

The Digital Services Act (DSA) (Regulation (EU) 2022/2065) establishes a comprehensive framework for regulating online intermediary services, platforms, and marketplaces across the European Union to create a safer and more transparent digital environment. The regulation introduces obligations for online platforms to address illegal content, improve transparency in content moderation and advertising, protect users' rights, and manage systemic risks such as disinformation and harmful content. It also imposes enhanced requirements on very large online platforms and search engines, while preserving fundamental rights, consumer protection, and innovation. Overall, the DSA aims to harmonize rules across the EU and increase accountability for digital service providers operating within the Single Market.

European Union β€’ EU

View details
CybersecurityRegulation

EU Data Act β€” Regulation (EU) 2023/2854 - EU Data Act

The EU Data Act (Regulation (EU) 2023/2854) establishes harmonized rules to make data generated by connected products and related digital services more accessible and usable across the European Union. It gives users of connected devices, such as IoT products, the right to access and share the data they generate with third parties, while requiring data holders to provide that data under fair, reasonable, and non-discriminatory conditions. The regulation aims to reduce barriers to data sharing, promote innovation and competition, enable easier switching between cloud and data-processing services, and support public-sector access to data in situations of exceptional need, while preserving data protection, privacy, intellectual property rights, and trade secret safeguards. Overall, the Data Act is designed to create a fairer and more competitive European data economy by empowering users and improving access to valuable data resources.

European Union β€’ EU

View details

Ready to manage these frameworks?

6clicks maps regulations to controls, evidence and risks β€” automatically.

Book your strategy call