To support the State of Qatar’s endeavors in addressing present and future threats and risks, the National Cyber Security Strategy of the State of Qatar aims to establish a legal and regulatory framework that promotes a secure and dynamic cyberspace. Additionally, the Ministry of Transport & Communications (MOTC) has developed two national frameworks to facilitate this:
- The National Information Security Compliance Framework (NISCF)
- The National Information Assurance Framework (NIAF)
Eshield Provides a wide range of cyber security services to our Qatar clients including but not limited to:
National Information Assurance (NIA) Certification:
When organizations demonstrate compliance with the requirements outlined in the NIA Policy and NIA Manual, they are granted the NIA Certification for their Information Security Management Systems. Consequently, all organizations that have information infrastructure critical to the State of Qatar are obliged to obtain certification of compliance. Reference
The National Information Security Compliance Framework (NISCF):
The Certification Program offers organizations a mechanism to demonstrate compliance with the information security policies, standards, and manuals of the State of Qatar. Moreover, the NISCF is being developed to offer a large variety of certifications. Although, these are related to national and international policies and standards for organizations and technology vetting. Reference
The Personal Data Privacy Protection Law:
The Qatari Law No. 13 of 2016 (“the Personal Data Privacy Protection Law”) took effect in 2017. It has the aim of protecting and providing guidelines of processing personal data within Qatar. In December 2020, the Compliance and Data Protection Department (CDP) within the Ministry of Transport and Communications (MOTC) published new guidelines in relation to the Law. Also, the scope of the PDPPL applies to personal data that is received, collected, extracted or processed through electronic or traditional methods. Any organization that processes such personal data must adhere to the principles of transparency, fairness and respect for human dignity. The law has a large focus on organizations. Thus, ensuring that the personal data they process is up to date and there are adequate measures in place for safe custody of the personal data.
Aviation Cyber Security Guidelines:
The Aviation industry is one of the corner-stones in realizing this dream. It is a critical service, enabling the nation to connect to the rest of the world. A significant population of the country are expatriates who live in Qatar to make a living. A strong aviation network ensures its residents can enjoy stress-free travel to their homelands and back. Cyber security comprises of privileged access controls (covering people, process and technology). These are designed to protect systems, networks and data from digital attacks. Reference
PCI DSS Compliance:
The PCI Security Standards Council (PCI SSC) is a global forum that brings together payments industry stakeholders. Furthermore, they develop and drive the adoption of data security standards and resources for safe payments worldwide. The PCI SSC’s mission is to enhance global payment account information technology security management by developing standards. Moreover, it provides supporting services that drive education, awareness, and effective implementation by stakeholders. We provide this PCI compliance consulting services with a strategic framework to guide our decision-making process. Consequently, we ensure that our every initiative is aligned with our mission and supports the needs of the global payments industry. Reference
*Our services include consulting, assessment, and support services.
Please visit our Cyber Security consulting Services page for a full range of cyber security services offered, and for more info: Contact us