Saudi Arabia’s National Cyber Security Center (NCSC) has received an internationally recognised cybersecurity certification from safety science organisation, UL (Underwriters Laboratories).
The NCSC has a deep understanding of regional and international cyber security issues and required that its Community of Trust network infrastructure security software meets the rigorous standards of UL’s Cybersecurity Assurance Program (UL CAP).
The certification was the first to be awarded in the Middle East region.
UL CAP applies the new UL 2900 series of standards using testable cybersecurity criteria for network-connectable products and industrial control systems to assess software vulnerabilities and weaknesses, minimise exploitation, address known malware, review security controls and increase security awareness.
UL, which has GCC bases in Abu Dhabi and Dubai, is now carrying out similar projects with other organisations and authorities in the MENA region.
Hamid Syed, UL, Vice President & GM of the MENA region, said: “We carried out an exhaustive examination of the NCSC system’s potential security vulnerabilities and mitigation steps before it was awarded our certification, which signifies that the required standards have been met”
UL CAP is for vendors and organisations looking for trusted support in assessing security risks, allowing them to continue to focus on product innovation to help build safer more secure products. It is also for purchasers of products who want to mitigate risks by sourcing products validated by a trusted third party, such as UL.
Ken Modeste, Cybersecurity Services Leader for UL’s Connected Technologies team, oversaw the project. He said: “This was a first in the MENA region as we developed a way to assess and evaluate products and systems for cybersecurity effectiveness based on best practices outlined in recognised global standards, such as NIST and ISO.
“The UL CAP program’s purpose is to help organisations, manufacturers, purchasers and end-users, both public and private, mitigate cybersecurity risks via methodical risk assessments and evaluations.”
