Skip to main content
Skip table of contents

National Cybersecurity Authority Operational Technology Cybersecurity Controls - Compliance Automation Suite

Disclaimer: Organizations are not required as a matter of law to comply with this document, unless legislation, or a direction given under legislation or by some other lawful authority, compels them to comply. This document does not override any obligations imposed by legislation or law. Furthermore, if this document conflicts with legislation or law, the latter takes precedence. 

The National Cybersecurity Authority Operational Technology, established by the Saudi Arabian government in 2017,  is a regulatory framework that encompasses both regulatory and operational functions related to cybersecurity and works closely with public and private entities to improve the cybersecurity posture of the Middle Eastern nation. Its purpose serves to safeguard the nation's vital interests, national security, critical infrastructures, high-priority sectors, and government services and activities. 

The NCA developed the Essential Cybersecurity Controls (ECC - 1:2018) to set the minimum cybersecurity requirements for organizations. The Operational Technology Cybersecurity Controls (OTCC - 1:2022) was developed as an extension to NCA’s Essential Cybersecurity Controls (ECC - 1:2018) to increase the protection of OT/ICS environment. These controls serve as a comprehensive guide for organizations to bolster their cybersecurity posture, providing a robust foundation for organizations to navigate the dynamic landscape of cybersecurity threats. Each control covers concepts that include risk management, incident response, and access controls, thus, enabling national organizations to fulfill mandated cybersecurity requirements to increase the protection of its critical infrastructure and its readiness level towards cybersecurity risks.

The Operational Technology Cybersecurity Controls (OTCC) contains the following:

  • 4 Domains
  • 23 Sub-domains
  • 47 Controls
  • 122 Sub-controls
Principal NCA OTCC Requirements - High-Level Overview
Cybersecurity Governance
  1. Establish governance structures and policies to oversee cybersecurity initiatives related to operational technology.
  2. Define roles and responsibilities.
  3. Employ risk, project, and change management protocols that will protect the organization's assets via the maintenance of its CIA triad.
  4. Provide personnel with cybersecurity awareness programs.
Cybersecurity Defense
  1. Implement measures that protect the operational technology systems from cyber threats and attacks.
  2. Deploy security controls such as firewalls, intrusion detection systems (IDS), endpoint security, and threat intelligence technology to protect against unauthorized access and mitigate security risks. 
  3. Coordinate incident response protocols.
Cybersecurity Resilience
  1. Implement disaster recovery procedures and business continuity strategies to minimize the impact of cybersecurity incidents on critical operations. 
Third-Party Cybersecurity
  1. Assess the cybersecurity posture of third-party entities, establish contractual obligations for cybersecurity, and monitor third-party activities to mitigate potential risks to OT environments. 


LogRhythm’s NCA OTCC Compliance Suite provides augmented and direct support of control objectives through pre-bundled Investigations, Alarms, AIE Rules, and Reports. Alarms and Reports are automatically associated with the correct NCA OTCC asset categories. 

You can then schedule Reports for periodic generation and delivery, or generate them on demand. To identify areas of non-compliance in real-time, you can leverage Investigations and Alarms for immediate analysis of activities that impact your organization's operational technology environments. The following sections provide highlights of these module components and also provide all content included within the module.

Additional Resources

The National Cybersecurity Authority Operational Technology (NCA OTCC -1: 2022) website (www.nca.gov.sa/en/legislation?item=195&slug=controls-list) provides additional resources to assist organizations with their NCA OTCC assessments and validations.



Disclaimer: Organizations are not required as a matter of law to comply with this document, unless legislation, or a direction given under legislation or by some other lawful authority, compels them to comply. This document does not override any obligations imposed by legislation or law. Furthermore, if this document conflicts with legislation or law, the latter takes precedence. 

The National Cybersecurity Authority Operational Technology, established by the Saudi Arabian government in 2017,  is a regulatory framework that encompasses both regulatory and operational functions related to cybersecurity and works closely with public and private entities to improve the cybersecurity posture of the Middle Eastern nation. Its purpose serves to safeguard the nation's vital interests, national security, critical infrastructures, high-priority sectors, and government services and activities. 

The NCA developed the Essential Cybersecurity Controls (ECC - 1:2018) to set the minimum cybersecurity requirements for organizations. The Operational Technology Cybersecurity Controls (OTCC - 1:2022) was developed as an extension to NCA’s Essential Cybersecurity Controls (ECC - 1:2018) to increase the protection of OT/ICS environment. These controls serve as a comprehensive guide for organizations to bolster their cybersecurity posture, providing a robust foundation for organizations to navigate the dynamic landscape of cybersecurity threats. Each control covers concepts that include risk management, incident response, and access controls, thus, enabling national organizations to fulfill mandated cybersecurity requirements to increase the protection of its critical infrastructure and its readiness level towards cybersecurity risks.

The Operational Technology Cybersecurity Controls (OTCC) contains the following:

  • 4 Domains
  • 23 Sub-domains
  • 47 Controls
  • 122 Sub-controls
Principal NCA OTCC Requirements - High-Level Overview
Cybersecurity Governance
  1. Establish governance structures and policies to oversee cybersecurity initiatives related to operational technology.
  2. Define roles and responsibilities.
  3. Employ risk, project, and change management protocols that will protect the organization's assets via the maintenance of its CIA triad.
  4. Provide personnel with cybersecurity awareness programs.
Cybersecurity Defense
  1. Implement measures that protect the operational technology systems from cyber threats and attacks.
  2. Deploy security controls such as firewalls, intrusion detection systems (IDS), endpoint security, and threat intelligence technology to protect against unauthorized access and mitigate security risks. 
  3. Coordinate incident response protocols.
Cybersecurity Resilience
  1. Implement disaster recovery procedures and business continuity strategies to minimize the impact of cybersecurity incidents on critical operations. 
Third-Party Cybersecurity
  1. Assess the cybersecurity posture of third-party entities, establish contractual obligations for cybersecurity, and monitor third-party activities to mitigate potential risks to OT environments. 


LogRhythm’s NCA OTCC Compliance Suite provides augmented and direct support of control objectives through pre-bundled Investigations, Alarms, AIE Rules, and Reports. Alarms and Reports are automatically associated with the correct NCA OTCC asset categories. 

You can then schedule Reports for periodic generation and delivery, or generate them on demand. To identify areas of non-compliance in real-time, you can leverage Investigations and Alarms for immediate analysis of activities that impact your organization's operational technology environments. The following sections provide highlights of these module components and also provide all content included within the module.

This guide has the following parts:

NCA OTCC – AI Engine Rules
NCA OTCC – Investigations
NCA OTCC – Reports and Reporting Packages
NCA OTCC – Requirements
NCA OTCC Deployment Guide
NCA OTCC User Guide

Additional Resources

The National Cybersecurity Authority Operational Technology (NCA OTCC -1: 2022) website (www.nca.gov.sa/en/legislation?item=195&slug=controls-list) provides additional resources to assist organizations with their NCA OTCC assessments and validations.



JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close