Compliance Frameworks
Cybersecurity compliance frameworks relevant to the MENA region and beyond. Understand requirements, map controls, and track compliance.
MENA Region
NCA ECC
NCA Essential Cybersecurity Controls
Saudi Arabia's National Cybersecurity Authority Essential Cybersecurity Controls. Mandatory for government entities and critical infrastructure operators.
SAMA CSF
SAMA Cyber Security Framework
Saudi Central Bank cybersecurity framework for financial institutions operating in Saudi Arabia. Covers governance, risk management, and operational resilience.
PDPL
Saudi Personal Data Protection Law
Saudi Arabia's Personal Data Protection Law governing the collection, processing, and transfer of personal data. Enforced by SDAIA.
UAE IAS
UAE Information Assurance Standards
UAE's Information Assurance Standards by the Telecommunications and Digital Government Regulatory Authority for securing government information systems.
Egypt CSL
Egypt Cybersecurity Law
Egypt's Anti-Cyber and Information Technology Crimes Law (No. 175/2018) and associated cybersecurity regulations.
International Standards
NIST CSF
NIST Cybersecurity Framework
The U.S. National Institute of Standards and Technology Cybersecurity Framework. Widely adopted globally as a baseline for cybersecurity risk management.
ISO 27001
ISO/IEC 27001
International standard for information security management systems (ISMS). The gold standard for security certification recognized worldwide.
MITRE ATT&CK
MITRE ATT&CK
A globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. Used for threat modeling and defense planning.