Contact Us
Contact Us
Login
INSIGHTS

KSA OTCC-1:2022 Simplified

The National Cybersecurity Authority (NCA) OTCC-1:2022 sets OT cybersecurity controls for Saudi Arabia. Dragos solutions help exceed OTCC requirements.

Governance & Risk Management
Meet NCA OT cybersecurity controls (OTCC) governance with OT security program assessments, capability maturity evaluations, and incident response planning. Dragos Services provides risk frameworks while our platform validates controls for audit purposes and generates compliance documentation to align to NCA controls.
KSA OTCC Compliance Point 1
Defense & Threat Detection
Address OTCC defense with OT asset visibility, IOC and anomaly-based threat detection, and behavioral analysis. Dragos Platform provides forensic capabilities and response playbooks while Intelligence delivers vulnerability mitigation strategies for industrial environments to align to NCA regulations.
KSA OTCC Compliance Point 2
Resilience & Third-Party Risk Management 
Achieve OTCC resilience and third-party requirements with proactive risk analysis, architecture reviews, and supplier monitoring. Dragos Platform validates control effectiveness while Services help design policies for managing third-party OT system interaction.
Asset Thumbnail KSA OTCC Solution Brief
Solution Brief
KSA OTCC Compliance Solution Brief
Learn how Dragos maps to all OTCC-1:2022 domains with OT cybersecurity solutions to help Saudi Arabian organizations meet NCA regulations and protect critical infrastructure.
DOWNLOAD NOW
Related Resources
Press Release
Dragos and Aramco Sign MOU Regarding the Protection of Industrial Infrastructure in Saudi Arabia
The MOU will create a path for potential creation of a local hardware assembly facility and OT cyber training academy for Aramco and its affiliates, and the Kingdom of Saudi Arabia
November 13, 2023 08:00 AM
4 min read
Solution Brief
How Dragos Helps Meet Kingdom of Saudi Arabia National Cybersecurity Authority Operational Technology Cybersecurity Controls
Learn how Dragos Platform and services help industrial organizations meet KSA NCA OTCC-1:2022 requirements, develop effective OT security programs, and simplify compliance
September 3, 2025 11:50 AM
Guide
Benchmarking Guide: Assess Your OT Cybersecurity Maturity
Download our step-by-step benchmarking guide to build a robust OT cybersecurity program tailored to your organization’s unique needs.
June 14, 2024 03:19 PM
Secure Partner Ecosystem
  • 150 BW_partner_logos_carousel-emerson.webp
  • 150 BW_partner_logos_carousel-macnica.webp
  • 150 BW_partner_logos_carousel-aws.webp
  • 150 BW_partner_logos_carousel-crowdstrike.webp
  • 150 BW_partner_logos_carousel-servcicenow.webp
  • 150 BW_partner_logos_carousel-fortinet.webp
  • 150 BW_partner_logos_carousel-yokogawa.webp
  • 150 BW_partner_logos_carousel-guidepoint.webp
  • 150 BW_partner_logos_carousel-accenture.webp
  • 150 BW_partner_logos_carousel-RA.webp
  • 150 BW_partner_logos_carousel-microsoft.webp
  • 150 BW_partner_logos_carousel-carahsoft.webp
  • 150 BW_partner_logos_carousel-site.webp
  • 150 BW_partner_logos_carousel-sel.webp
  • 150 BW_partner_logos_carousel-shi.webp
  • 150 BW_partner_logos_carousel-ge.webp
  • 150 BW_partner_logos_carousel-splunk.webp
  • 150 BW_partner_logos_carousel-optiv.webp
FAQ

OTCC-1:2022 is Saudi Arabia’s NCA regulation for OT cybersecurity controls. It applies to critical infrastructure in oil and gas, refineries, manufacturing, power, water, and essential sectors, building upon NCA ECC-1:2018 requirements.

NCA OTCC-1:2022 covers: Cybersecurity Governance (people, process, technology), Defense (controls to secure OT environments), Resilience (risk analysis and incident response), and Third-Party Cybersecurity (extending controls to suppliers).

Dragos Services provides OT Security Assessments, Capability Maturity Assessments, and Incident Response Planning. Our platform validates controls and generates audit-ready documentation while Services establish risk frameworks and policies.

Dragos Platform delivers OT asset visibility, vulnerability management, IOC and anomaly-based threat detection, and behavioral analysis to help meet NCA controls. Our Intelligence provides specialized vulnerability analysis and alternative mitigation strategies integrated into the platform to align to NCA guidelines.

Our Services provide risk analysis, architecture reviews, and incident response planning. The platform enhances OT asset resiliency while Intelligence delivers insights on attack groups and TTPs to reduce response times and ensure continued operations.

Yes, Dragos Services provides architecture reviews to design third-party security policies. Our platform validates control effectiveness and monitors third-party interactions with OT systems, identifying potential cyber risks from suppliers and service providers.

Our platform is purpose-built for industrial environments, providing asset inventory, ICS protocol analysis, vulnerability management, and OT-specific threat detection. We understand industrial protocols and operational constraints while maintaining uptime and safe operations.

WorldView delivers OT-specific intelligence covering adversary campaigns, detection TTPs, vulnerability mitigation advice, and insights from global threats. This intelligence integrates with our platform and supports risk assessment and incident response planning.
CTA Pattern Background Dot Mesh
See the Dragos Platform in Action
Take the next step to protect your ICS environment now with a free demo.
REQUEST PLATFORM DEMO