MinistryServiceDetails

Home Government Entities Ministries

Error:

Javascript is disabled in this browser. This page requires Javascript. Modify your browser's settings to allow Javascript to execute. See your browser's documentation for specific instructions.

Cyber security services and network incidents

Estimated Time:

None

Location:

National Information Technology Center

Estimated Fee:

None

Description: Cyber security services and network incidents:

The Center offers ministries, governmental departments and institutions many services related to the security and safety of information and networks to ensure the confidentiality, documentation and availability of data when needed, as follows:

Information and Network Protection Service

Information and networks security have become one of the most important needs of government ministries, departments and institutions. Therefore, the Center has the duty to provide the following:

Implement procedures and policies to ensure full protection of resources, systems and information.
Evaluate and monitor the development of information security and protection systems in all respects, to ensure compliance with the approved policies and standards, and make recommendations to improve security.
Manage network and systems protection equipment.
Raising staff capacity through specialized qualitative training.
Periodic checks of systems to detect vulnerabilities.
Analyze movement logs and data available to detect intrusion, follow patterns of intrusive activities and assess potential risks.

Awareness announcements and warnings; such as circulation of intrusion warnings and warnings of vulnerabilities.
Address existing or potential security vulnerabilities by analyzing, responding to, and educating against them.
Process digital evidence for cyber security; in cooperation with concerned parties.
Manage, address, respond to and prevent IT incidents.
Address incidents, including receiving notifications and reports on incidents, and contributing to the isolation of infected information systems, and contain risks by analyzing and responding to them, provide technical support, and coordinate with the concerned authorities.

Security Inspection Service for Government Websites

Examine government websites hosted by the Center, which are hosted outside the Center in coordination with its IT directorates, and submit recommendation reports to address vulnerabilities.
Early detection of hacking cases to which government systems, websites and informing may be exposed, and inform the concerned authorities when the hacking incidents are detected to be addressed as soon as possible.
Provide technical advice on the safety and integrity of websites when submitting any tender for the creation or development of government websites.

Information Security Audit Service

The Center provides information security and safety auditing services to ensure that best practices are applied to protect government information. The cyber Security team visits the ministries, government departments and institutions after prior coordination with relevant managers to view the reality of the situation and make recommendations as follows:
Examine the case according to the model designated for the standard to be applied.
Review some documentation related to the work of the team (Network Diagram, Documentations).
Field inspection of physical controls.
Field inspection of the data center / hardware room.
Field tour to check some user devices.
Access servers and verify policy implementation.
Use some special tools to check the network.
Use social engineering to examine employees’ and user’s awareness of cyber security standards.
Provide recommendations report and help implement some solutions.

Issuing Digital Certificates (SSL Certificates) service for government websites

SSL Certificates are used to ensure secure access to websites, by ensuring that the user has access to the trusted website published by government ministries, departments and institutions and to encrypt communication between the client and the websites of the institutions to obtain the services provided in a secure and reliable manner.

This service is provided by the Center in cooperation with international companies specialized in this field, where the reliability of companies are verified and adopted globally, and technical support is provided to activate SSL certificates on servers efficiently and effectively.

Raise awareness on cyber security

The Center supervises proof of concept projects configured on the Center's network to identify how they work and the extent to which the Center benefits from the implementation of these systems.

The Center also raises awareness of beneficiaries on the best practices in cyber security by:

- Holding courses and workshops on the cyber security and safety to raise awareness thereof among individuals and institutions.
- Preparing and designing brochures and leaflets (educational and awareness).
- Sending text messages (guidance and warning).
- Raising awareness on the importance of field assessment of systems to be introduced into service.
- Raising awareness on the importance of implementing and activating cyber security policies of the Center; which are based on public policies.
- Raising awareness on the risks associated with the Internet to individuals and institutions
- Assisting in the application of best practices for the protection of children online.