As part of the National Cybersecurity Authority (NCA) efforts to enhance the national cybersecurity, the NCA introduced Haseen (an Email Authentication initiative) to enhance the protection against Email Spoofing threats. Haseen aims to reduce the cyber risks on email services by authenticating the domain names of the email service of national entities.
Haseen Initiative Objectives:
Help national entities to implement Email Authentication Protocol DMARC by providing Haseen platform tools and technical guidelines.
Monitor and notify the national entities in the event of an unauthorized use of the entity’s Email domain names.
Haseen Platform Enables Entities To:
Lookup the Entity’s implementation level of Haseen Initiative.
Create DMARC, SPF, and DKIM domain name records.
Lookup DMARC, SPF, and DKIM domain name records.
Educate the Entities on the importance of activating DMARC protocol and provide means of implementation.
This initiative applies to government organizations in the Kingdom of Saudi Arabia (including ministries, authorities, establishments and others) and its companies and entities, as well as private sector organizations owning, operating or hosting Critical National Infrastructures (CNIs), which are all referred to herein as “The Organization”. The NCA strongly encourages all other organizations in the Kingdom to leverage this initiative to implement best practices to improve and enhance their cybersecurity.
Following the NCA’s strategy in cooperation and partnership with other entities, NCA encourages all entities to add Haseen’s email address to the entity’s DMARC record, which enables the Haseen platform to collect and analyze reports, received from all email service providers automatically.
To comply with the Essential Cybersecurity Control (ECC – 1: 2018, control 2-4-3-5), The NCA urges all entities to implement the proposed mechanism of applying the DMARC, DKIM, and SPF protocols in the technical guideline, which aligns with the operations continuity of email services.