Public Consultation on the Changes to Essential Cybersecurity Controls ECC-2:2024

Public consultation on the changes to the ECC. The main objective of these controls is to set the minimum cybersecurity requirements for information and technology assets in organizations. These requirements are based on industry leading practices which will help organizations minimize the cybersecurity risks that originate from internal and external threats. The following key objectives must be focused on in order to protect the organization’s information and technology assets: Confidentiality Integrity Availability These controls take into consideration the following four main cybersecurity pillars: Strategy People Processes Technology