Meet the SAMA Cybersecurity Requirements

Axidian solutions help organizations in Saudi Arabia comply with the SAMA Cyber Security Framework.

What is SAMA CSF

The Saudi Arabian Monetary Authority (SAMA) issued its Cyber Security Framework (CSF) to enable Financial Institutions to effectively identify and address risks related to cyber security. This initiative aims to ensure confidence in the Saudi financial sector.

The Framework consists of 249 controls across 4 cybersecurity domains:

  • Cyber Security Leadership and Governance
  • Cyber Security Risk Management and Compliance
  • Cyber Security Operations and Technology
  • Third Party Cyber Security

These cybersecurity controls are linked to related national and international law and regulatory requirements.

Who must comply

The Framework applies to all Member Organizations that operate in KSA and are regulated by the Saudi Arabian Monetary Authority:

  • Banks
  • Insurance / Reinsurance Companies
  • Financing Companies
  • Credit Bureaus
  • Financial Market Infrastructure

Why it is important

In case of non-compliance, an organization may face not only increased cybersecurity risks, gaps and reputational damage, but also potential penalties, such as:

  • Revocation of license or refusal to renew it
  • Financial penalties
  • Company shutdown

SAMA Compliance with Axidian Solutions

According to the SAMA cybersecurity requirements for identity and access management (3.3.5) and for cryptography (3.3.9), it is mandatory that organizations implement Privileged Access Management, Identity and Access Management, and Cryptography management solutions to secure their digital identities, access and cryptographic keys. Learn how Axidian Privilege (PAM), Axidian Access (IAM) and Axidian CertiFlow align with the SAMA CSF controls.

With Axidian Access

  • Implement MFA for local and remote access to all corporate information systems
  • Secure online and offline access
  • Implement role-based access control (RBAC)
  • Enforce the Least Privilege principle
  • Apply granular access settings based on user location, responsibilities and permissions

With Axidian Privilege

  • Control privileged activities, record sessions (video, screenshots, text logs)
  • Enforce the Least Privilege principle
  • Keep passwords and credentials hidden from users
  • Two-factor authentication for privileged sessions is built into Axidian Privilege; no additional licenses are needed

With Axidian CertiFlow

  • Automate the issuance of personal digital certificates and their deployment on cryptographic tokens
  • Monitor any certificates used in the company
  • Track expiration of smart cards and USB tokens and revoke digital certificates automatically
  • Automatically revoke certificates of dismissed employees
  • Store and distribute PIN policies centrally

Additional coverage

Besides the controls above that require identity security solutions, Axidian can help you achieve wider coverage and improve compliance with more SAMA Cyber Security Framework controls that relate to policies, procedures, incident investigation, threat management, business continuity, securing third-party access, and more. For more detail, download our SAMA CSF compliance guide, which includes the Axidian solution mapping to the Controls.

DOWNLOAD GUIDE

Book a Demo

Experience why organizations trust Axidian to strengthen their security and comply with the SAMA Cyber Security Framework.

Click the button below, leave your contact information, and our team will reach out to you promptly to arrange a personal product demo based on your security and compliance needs.

BOOK A DEMO