Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Qatar 2022 Cybersecurity Framework Report

by Josef Weiss
July 22, 2021

Qatar Cybersecurity Framework Report Image

The FIFA 2022 World Cup™ has a global audience, and presents complex security concerns across a large number of entities. The State of Qatar is addressing cybersecurity and privacy needs by providing entities with the Cybersecurity Framework. The Framework contains guidelines designed to mitigate risk and track processes for all entities involved in the 2022 World Cup. This report displays vulnerability and configuration assessment information that allows entities to fulfill the Framework’s standards, guidelines, and policies.

As outlined in section 2.2.5 of the Framework, personnel must be able to display an “Understanding of entity’s services, processes and controls environments.” The IT operations team uses this report to gain an understanding of the entity’s current cyber risk status, and to provide a view of any identified risk to other stakeholders. This report contains areas of focus which map directly to different sections of the Framework, to better illustrate adherence.

Tenable.sc consolidates and evaluates vulnerability data across the enterprise, prioritizing security risks. This vulnerability consolidation and evaluation provides entities with a concise method to fulfill the requirements of the Framework. The chapters of this report are designed to assist with different areas of IT and InfoSec operations. Managers can utilize this report as a starting point and use the chapter that is related to their specific needs. The chapters provide vulnerability details ranging from patch management to Operational Technology (OT). Within each chapter the vulnerability details and affected hosts for several areas of the Framework, provide the operations team with the ability to plan and execute on a concise and effective mitigation strategy.

Tenable.sc tracks the mitigation process for vulnerability data. Entities are able to use this tracking process to display success and quantify risk mitigation efforts, and how they conform to the Framework. Within the Framework, the entity is required to demonstrate mitigation efforts and activities in addition to risk and configuration management. Tenable.sc unifies vulnerability and configuration data collected throughout the Entity, providing a comprehensive interface and detailed operations reports to communicate the security posture to team members and executives alike. This report is available in the Tenable.sc Feed, a comprehensive collection of reports, Assurance Report Cards, and assets. The report is located in the Tenable.sc Feed under the category Compliance & Configuration Assessments.

The report requirements are:

  • Tenable.sc 5.15.0
  • Nessus 8.11.1

Managing compliance with Qatar 2022 Cybersecurity Framework grows more complex with each newly discovered vulnerability and new requirement. The State of Qatar requires Entities and business partners to conform to the Framework. Tenable.sc enables risk managers to divert to areas needing attention and reduce the time needed to keep the auditors satisfied. To assist with compliance, Tenable.sc has the ability to monitor configuration compliance with pre-defined checks against industry standards and regulatory mandates including NIA, ISO 27000, PCI and the Qatar 2022 Cybersecurity Framework.

This report contains the following chapters:

  • Executive Summary - The Executive Summary provides an overview of scan frequency and vulnerabilities over time, vulnerability trending using Tenables Vulnerability Priority Rating (VPR) , and a compliance summary of well-known controls.
  • Data Protection - Data Protection focuses on preventative measures that data in motion is effectively secured to prevent data loss.
  • Change and Patch Management - Change and Patch Management focuses on preventative measures that ensure any asset affecting changes are securely deployed.
  • Network Security - Network Security focuses on protecting network and infrastructure systems.
  • Endpoint Summary - Endpoint Security focuses on protecting all endpoints such as servers, desktops, laptops, wireless devices, mobile devices and other devices from cyber threats.
  • Web Application Security Flaws - Application Security focuses on reducing risk within applications, thereby decreasing the likelihood of successful exploitation.
  • Operations Technology and Security Monitoring - Operations Technology Security Monitoring focuses on mission critical systems that make up critical infrastructure operations such as water, oil, gas and electricity.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training