The National Cybersecurity Authority approved new rules granting its inspectors broad powers, including entering premises, accessing networks, and seizing devices, aimed at enhancing oversight, investigating violations, and protecting national security.

The rules, adopted by a decision of the Authority's Board of Directors, include the right of inspectors to inspect information technology systems, operational technologies, and their components.

National Cybersecurity Authority

The powers include reviewing and examining data and backup copies, and confiscating any equipment or software suspected of being used to commit a violation.

Related News

The new legislation grants the Authority's Governor the power to intervene directly in urgent and necessary cases to maintain cybersecurity. This includes taking immediate decisions to suspend or stop the operation of activities, networks, or systems subject to the violation.

Written and Oral Statements

In the course of investigations, the rules allow the Authority to summon those accused of violations to hear their statements and request written and oral statements. The procedures stress referring the files of violators to the prosecution body within the Authority as soon as evidence and indications supporting the violation are available.

The regulations impose precise obligations on inspectors while performing their duties, foremost among them proving their official and regulatory status. They stressed the need to maintain complete confidentiality of documents and data, with accurate documentation of all procedures and cases of obstruction in official records. The rules obligate natural and legal persons subject to the system to fully cooperate with Authority representatives and provide all facilities for their work.

Strict Warnings

It strictly warned against refraining from providing required documents or records, tampering with them, or destroying them in a way that hinders the inspection and investigation process. The Authority prohibited publishing or circulating any information or data related to ongoing inspection procedures or their results. It approved the implementation of these rules immediately upon publication on its website, with the possibility of taking all control measures through technical and electronic means.