The National Cybersecurity Authority (NCA) was created to fulfill the strategic and regulatory cybersecurity needs of the Kingdom of Saudi Arabia. The NCA’s Operational Technology (OT) Cybersecurity Controls (OTCC-1:2022) were developed to increase the protection of OT/ICS (Industrial Control System) environments. That includes all devices, systems, or networks used to operate and/or automate industrial processes.
The controls defined in OTCC-1:2022 are for ICSs that reside in facilities that are deemed critical and owned and/or operated by organizations (e.g., ministries, authorities, establishments, and others) of the Saudi Arabia government, as well as private sector organizations owning, operating, or hosting Critical National Infrastructures (CNIs) on behalf of the Saudi Arabia government.
XONA delivers a purpose-built, Zero-Trust based solution, that will provide your OT operators with frictionless and secure user access to your OT/ICS assets. It will enable them to monitor, manage, and control those assets remotely and/or onsite.
The XONA Critical Systems Gateway (CSG) is delivered as a self-contained appliance that can be used by your employees, contractors, and vendors to securely access OT/ICS assets without introducing any additional cyber- or physical risk into your OT environment. As such, it is a key piece of what Gartner refers to as a “Cyber-Physical Systems Protection Platform”.
This document identifies how XONA Systems’ Critical System Gateway (CSG) maps to each of the security controls in OTCC-1:2022 that a XONA CSG can either directly enforce or be used to help assist.