🔐 Cybersecurity Glossary

A mandatory periodic evaluation process conducted by organizations subject to NCA ECC requirements to measure their adherence to the prescribed cybersecurity controls. The assessment involves self-evaluation, documentation review, technical testing, and may include third-party audits. Organizations must submit compliance reports to the NCA demonstrating implementation status, identified gaps, and remediation plans, with assessments typically required annually or following significant system changes.

The five primary categories that organize the 114 cybersecurity controls within the NCA ECC framework: Domain 1 (Cybersecurity Governance), Domain 2 (Cybersecurity Risk Management), Domain 3 (Cybersecurity Asset Management), Domain 4 (Cybersecurity Technical Controls), and Domain 5 (Cybersecurity Incident and Continuity Management). Each domain contains specific controls with defined implementation requirements and maturity levels ranging from basic to advanced implementation.

One of the five organizational categories within the NCA Essential Cybersecurity Controls framework that groups related security controls. The five domains are: Cybersecurity Governance, Cybersecurity Defense, Cybersecurity Resilience, Third-Party and Cloud Computing Cybersecurity, and Industrial Control Systems Cybersecurity. Each domain contains specific controls with defined implementation requirements and maturity levels.

A classification system within the NCA ECC framework that defines three progressive maturity levels for implementing cybersecurity controls based on organizational risk profile and criticality. Level 1 represents basic cybersecurity practices, Level 2 indicates intermediate security measures, and Level 3 denotes advanced security capabilities. Organizations must achieve the maturity level appropriate to their classification as determined by NCA.

A structured assessment methodology within the NCA ECC framework that measures an organization's cybersecurity maturity across five levels: Level 1 (Initial), Level 2 (Developing), Level 3 (Defined), Level 4 (Managed), and Level 5 (Optimized). Organizations are required to achieve specific maturity levels based on their classification and criticality, with higher-risk entities expected to reach higher maturity levels.

A classification system within the NCA Essential Cybersecurity Controls framework that defines three progressive implementation levels (ML1, ML2, ML3) for cybersecurity controls. Organizations must achieve specific maturity levels based on their sector classification and risk profile, with ML1 representing basic implementation, ML2 indicating managed processes, and ML3 demonstrating optimized and continuously improving security practices.

A three-tiered classification system within the NCA ECC framework that defines the depth and sophistication of control implementation required based on an organization's criticality and risk profile. The levels are: Level 1 (Basic) for foundational security measures, Level 2 (Advanced) for enhanced protection mechanisms, and Level 3 (Progressive) for organizations requiring the highest security posture including critical infrastructure and entities handling highly sensitive data.

An approach to public-key cryptography based on the algebraic structure of elliptic curves, offering equivalent security with smaller key sizes.

A security strategy and technology that monitors, detects, and blocks sensitive information from being transmitted via email in violation of organizational policies or regulatory requirements. Email DLP helps prevent accidental or intentional data breaches by enforcing content inspection and policy-based controls.

A governance framework that defines requirements and procedures for encrypting email communications to protect sensitive information in transit and at rest. This policy establishes standards for encryption methods, key management, and compliance with data protection regulations such as PDPL.

A security solution that filters and monitors incoming and outgoing email traffic to detect and block malicious content, spam, and phishing attempts. It acts as a protective barrier between an organization's email infrastructure and external threats, enforcing security policies and compliance requirements.

A documented procedure that outlines the steps to be taken when an email security incident occurs, including detection, containment, investigation, remediation, and reporting. This plan is essential for minimizing damage from email-based attacks and ensuring compliance with regulatory notification requirements.

A governance document that defines how long email messages must be retained, archived, and eventually deleted based on regulatory requirements, legal obligations, and business needs. This policy ensures compliance with data protection laws while managing storage resources effectively.

A structured program designed to educate employees about email-based threats such as phishing, malware, and social engineering attacks. This training is a critical component of security governance, helping organizations build a human firewall and reduce the risk of successful email attacks.

The process of converting plaintext data into ciphertext using cryptographic algorithms and keys to protect confidentiality and prevent unauthorized access to sensitive information during storage or transmission.

The administration of cryptographic keys throughout their lifecycle, including generation, distribution, storage, rotation, backup, and destruction, ensuring secure key handling practices to maintain the effectiveness of encryption systems.

A security method where data is encrypted on the sender's device and only decrypted on the recipient's device, ensuring that no intermediary parties, including service providers, can access the plaintext content during transmission.

A communication security method where data is encrypted on the sender's device and only decrypted on the recipient's device, preventing intermediaries including service providers from accessing the plaintext content. This approach aligns with PDPL Article 18 requirements for protecting personal data during transmission and NCA ECC controls for secure communications in critical infrastructure sectors supporting Vision 2030 digital transformation.

A cybersecurity technology that continuously monitors endpoints to detect and respond to cyber threats.

The phase of incident response where the root cause and artifacts of the security incident are removed from the environment.

The systematic gathering of proof that security controls are implemented and effective to satisfy compliance requirements.