Mapping BeyondTrust Capabilities to the Operational Technology Cybersecurity Controls (OTCC)

National Cybersecurity Authority (NCA)'s Operational Technology Cybersecurity Controls (OTCC-1:2022) mandate explains how to fulfill the strategic and regulatory cybersecurity necessary to implement cybersecurity policies, governance mechanisms, frameworks, standards, and controls across the Kingdom of Saudi Arabia. This includes all devices, systems, or networks used to operate and/or automate industrial processes.

Industrial Control Systems (ICS) have expanded rapidly, resulting in a continuous increase in cyber threats towards these systems. This emphasizes the need for cybersecurity controls specifically dedicated for Industrial Control Systems (ICS) to increase the protection of critical infrastructures that operates or depends on these systems.

Capabilities within BeyondTrust solutions can help organizations address 32 recommendations across 2 domains and 6 subdomains, helping organizations under the OTCC’s jurisdiction to maintain cybersecurity standards and demonstrate and maintain compliance with their ICS systems.

This guide has been prepared so that cybersecurity teams, OT/IT, and security administrators within Saudi organizations can quickly understand how BeyondTrust privilege-centric identity security and Privileged Access Management (PAM) solutions map into the requirements set forth in the Operational Technology Cybersecurity Controls’ guidelines.