3846d1c4 Da85 40e3 804f A6735bd8dac8 GECC Implementation Guidelines Ar
Table of Contents
List of Figures
Introduction
ECC - 1: 2018
Objective
Scope of Work
ECC-1:2018
3 Cybersecurity Resilience
3-1 Cybersecurity Resilience Aspects of Business Continuity Management (BCM)
1
CCC
CSCC
ICT/ IT
Committee Charter
Risk Register
Risk Treatment Plan
:
.
Technical Project Lifecycle
IT Change Management
Production Environment
.
Third Party Management
.
Release Management
o
o
Secure Configuration and Hardening o
o
Vulnerabilities Assessment
.
Secure Coding Standards
Integration
SIT o
API o
o
o
Image
Cybersecurity Standards
Internal Audit
o Non-Disclosure Agreement
o
Lifecycle
o
o
o
Non-Disclosure
Clauses
Non-Disclosure Clauses
Screening or Vetting
Document classification: Public 35 Sharing indicator: White
Guide to Implementing the Essential Cybersecurity Controls
Whale phishing
o
o
o
Asset Management
Excel
CMDB
Labelling
Labelling
CMDB Excel
:
:
Logical Access
User Authentication o
o
Authorization o
Authorization o
Segregation of Duties
o
o
:
User Authentication
Expiration Period o
complexity o
lockout o
activation o
history o
o
Multi-Factor Authentication
Multi-Factor Authentication
VPN
Something you know o
Something you have o
One time password
Something you are o
Authorization
Need-to-know and Need-to-use
Segregation of Duties Least Privilege
Active Directory
Authorization
Least Privilege Need-to-know and Need-to-use
Segregation of Duties
default accounts / o
Clock Synchronization o
Clock Synchronization o
Malware
Malware
o
APT
Patch Management
Clock Synchronization
time.saso.gov.sa o
time.isu.net.sa o
.
(
Email Protection
o (Loadbalancer)
o
Phishing Spam Emails
Emails
o
o
Sender Policy Framework
Incoming message DMARC verification
Phishing Filtering
Spam Emails Emails
Spam Phishing Emails
Emails
Multi-Factor Authentication
Webmail
o
o
o
EWS, outlook anywhere
APT Protection
Zero-Day Malware
(Sender Policy Framework)
Integrity
DMARC
DKIM SPF
SPF Record
Firewall o
Defense-in-Depth o
(Firewall)
Defense-in-Depth
:
Firewall o
DMZ o
VLAN o
Defense-in-Depth o
:
o
o
(Network Diagram)
:
VLANs
:
Network Diagram
:
o
Firewall o
Proxy
:
LAN o
Excel sheet
:
Wireless Security
o
o
Excel Sheet
LAN o
Excel Sheet
:
Excel Sheet
Firewall Rules o
Firewall Rules
:
o
o
IPS/IDS
o
DMZ o
o
IPS/IDS
IPS/IDS
Excel Sheet
:
IPS/IDS
IPS/IDS o
IPS/IDS
Excel Sheet
DNS
:
Google DNS
:
DNS
DNS Security
IP range
APT Protection
Zero-Day Malware
:
o
o
APT
Zero-Day Malware
APT Protection
:
o
APT Protection
Zero-Day Malware
:
:
BYOD
BYOD
:
BYOD
o
BYOD o
:
BYOD
BYOD
:
BYOD
o
BYOD
o
Privileged Access o
BYOD o
Remote Wipe o
.
Group Policy o
o
o
Active Directory
Configuration and Hardening o
o
BYOD
:
BYOD
BYOD
BYOD o
BYOD
o
Active Directory
BYOD o
BYOD
BYOD ( )
:
BYOD
BYOD
o
o
Mobile Device Management
BYOD
:
BYOD
BYOD
o
BYOD
BYOD
o
BYOD
:
BYOD
o
o
Patches, AV
:
BYOD
o
o
BYOD
:
BYOD
. BYOD
Mobile Device Management
:
BYOD
BYOD
o
BYOD
BYOD
o
:
BYOD
o
o
BYOD
:
BYOD
o
BYOD
BYOD
:
BYOD
BYOD
BYOD
BYOD
BYOD
:
BYOD
BYOD
BYOD
Cryptography
TLS o
o TLS (Transport Layer Security)
o TDE (Transparent Data Encryption)
Vulnerabilities Management
CVSS o
OEMs o
Penetration Testing
Apple Store
Google Play Store
(Event logs)
Rules
:
SIEM
Rules
:
SIEM
SIEM
(SIEM).
:
(SIEM)
SIEM
SIEM
:
Excel
.
:
SIEM
Playbook o
is@nca.gov.sa
is@nca.gov.sa
:
Threat Intelligence
Physical Security
:
o
o (CCTV).
o (CCTV).
CCTV o
(CCTV).
CCTV
.
:
DVR
CCTV
CCTV
.
zero filling degaussing
Vulnerability Assessment o
Backup Log Files o
Regular o
screening of open ports, services, processes, and unused protocols
:
WAF o
o
HTTPS o
o
MFA o
WAF
Multi-tier Architecture
Database Tier
Business Tier
Presentation/Client Tier
o
o
(HTTPS).
HTTPS
SFTP
(TLS)
HTTPS
:
(intranet) extranet
Multi-Factor Authentication
:
Multi-Factor Authentication
MFA
Disaster Recovery Plan o
(Business Impact Analysis) o
o
o
high availability
Planning and Preparation
Detection and Analysis
Containment, Eradication and Recovery
Review and Learn
o
(Utilizing NCA published incident response playbooks)
SLA
Non-Disclosure Clauses
Non-Disclosure Clauses
SLA
SLA
Service Level Agreement o
CCC
SLA
o
SLA
ICS/OT
ICS/OT
(ICS/OT)
o
o
o
ICS/OT
ICS/OT
ICS/OT
ICS/OT
ICS/OT
(ICS/OT)
:
(ICS/OT)
"Corporate Network"
(ICS/OT)
(ICS/OT)
(ICS/OT)
corporate network o
industrial demilitarized zone o
.
(ICS/OT)
o
DMZ proxy
o
jump server VPN
MFA
o
NCS-1:2020
(Event logs)
.
SIEM
o
o
use cases
o
o
engineering SIS
workstations
.
o
Active Directory o
registry o
network access control
RADIUS
MAC Authentication
o
o
Secure Configuration and Hardening
hardening standards
non-invasive invasive
contingency plan
contingency plan
ICS/OT
ICS/OT
ICS/OT
ICS/OT