A simple icon, consisting of a series of links surrounded by a circle, is a common symbol for a connection or hyperlink. The lines of the icon are outlined in a dark black color on the background, with the addition of military elements of the Saudi national identity such as the Ghutra, Shamaa, and Saudi Bisht, to reflect the distinctive local character of Qassim University.
Links to official Saudi educational websites end with edu.sa
All links to official educational websites of government agencies in Saudi Arabia end with .edu.sa.
Black leather minimalist gesture tag, black circular grip, topped with a clear depiction of a Saudi tunic with a shamma and aqal, emphasizing the features of the Saudi bisht. This design symbolizes the concept of security and digital data privacy and reflects the identity of Qassim University.
protocol for encryption and security. HTTPS for encryption and security.
Secure websites in the Kingdom of Saudi Arabia use the HTTPS protocol for encryption.
Digital Government Authority

Registered with the Digital Government Authority with no: 20250413538

Qassim University logo
Open search engine
Search
MyQU Single Sign-On Portal
MyQU

Cybersecurity Management

Cybersecurity Controls for Cloud Computing

The Cloud Computing Cybersecurity Controls (CCC-2:2024) document, issued by the National Cybersecurity Authority, is a regulatory framework that supplements the Essential Cybersecurity Controls (ECC-2:2024). Its primary objective is to enhance national readiness and protect the vital interests of the Kingdom in cyberspace.

The update of these controls comes in response to the accelerated expansion in the adoption of cloud computing technologies locally and globally, and the accompanying new security challenges and threats that require precise standards to reduce potential cybersecurity risks for both service providers and subscribers.

These controls are formulated based on an in-depth study of global best practices and reputable international standards, focusing on three fundamental principles to ensure data and information security: confidentiality, integrity, and availability. The controls also cover four complementary pillars including: strategy, people, processes, and technology, to ensure a comprehensive approach to cloud cybersecurity management.

Cybersecurity controls are divided into four essential components: cybersecurity governance, cybersecurity enhancement, cybersecurity resilience, and external cybersecurity and cloud computing.

Operationally, the document differentiates in its requirements between service providers and subscribers; it includes 37 fundamental regulations and 94 sub-regulations for service providers, while allocating 18 fundamental regulations and 26 sub-regulations for subscribers.

This allocation aims to enable all parties to accurately define security requirements and work towards their continuous compliance, contributing to the establishment of a secure and reliable cloud environment that supports digital transformation in the Kingdom and aligns with national regulatory and legislative requirements.

Suggestions

Single Sign-On Portal
Achievement
E-learning
Email
Directory of services
Query services

Cookies

This website uses special cookies to ensure ease of use, improve your browsing experience, and clarify the terms and policies related to About user privacy. By continuing to browse this website, you acknowledge that you accept the use of cookies and the terms of the Privacy Policy

Accept