National Cybersecurity Authority Issues National Policy and Regulatory Framework for Managed Security Operations Centers

The National Cybersecurity Authority (NCA) has issued the National Policy for Managed Security Operations Centers (MSOC) and the Regulatory Framework for Licensing MSOC Services as part of NCA's efforts to regulate the cybersecurity sector in the Kingdom in a way that contributes to safeguarding the Kingdom's vital interests and national security and elevate the level of services provided in the sector, according to a press release from NCA.
According to the release, NCA elaborated that the National Policy for MSOC aims to enhance cybersecurity situational awareness at the organizational and national level, enabling access to MSOC services that are reliable, mature, and of high quality, as well as stimulating growth in the cybersecurity sector, and improving the efficiency of cybersecurity spending.
NCA stated that the Regulatory Framework for Licensing MSOC Services sets out requirements for delivering these services to government organizations and private sector organizations that own, operate, or host critical national infrastructure and other organizations in the Kingdom. This contributes to enhancing the Kingdom's cybersecurity market, encouraging innovation and investment in the sector, and developing national capabilities specialized in providing MSOC services.
NCA added that the issuance of these documents, which came after public consultation, falls within its mandate to set policies, governance mechanisms, frameworks, standards, controls, and national cybersecurity guidelines. NCA will begin receiving license applications from MSOC service providers during this month through 'Haseen', the national cybersecurity services portal.
NCA is the national entity in charge of cybersecurity in the Kingdom of Saudi Arabia and serves as the national authority and reference on its affairs. NCA aims to improve the cybersecurity posture of the Kingdom in order to safeguard its vital interests, national security, critical infrastructures, high-priority sectors, and government services and activities.