National Strategy of Cybersecurity
published in the BOE of 30 april 2019 develops the forecasts of the national security strategy 2017 in the area of cybersecurity, according to the general objectives, the objective of the area of cybersecurity and the lines of action set out to achieve this. Will respond well to the mandate of the national security council of 16 july 2018 published in the BOE of 10 august.
Since the issuance of the strategy of 2013 has settled the governance of national cybersecurity and the National Council of cybersecurity, support body of the national security council, one of its pillars; the legal framework has evolved with milestones as amending the national security to ensure the security of the public Sector, published in november of 2015, the entry into force of the royal Decreto-ley 12/2018, of 7 september, network and information systems, which transposes to the spanish legal system the directive (EU) 2016/1148 (known as Directive NIS), and the promulgation of act no. 36/2015, of 28 september, the national security council which covered the cybersecurity as an area of particular concern.
Subsequently, the national security strategy 2017 has consolidated the fact that security should occupy a niche for themselves and differential treatment, taking into account both the impact of digitalisation as a force for change with implications for cyber security beyond the merely field for the protection of technological heritage in the political, economic and social council, such as the nature of cyberspace as a vector of strategic communication, which can be used to influence public opinion and in the way of thinking of people through the manipulation of information, misinformation campaigns or hybrid nature.
The strategy is structured into five chapters.
Chapter 1 “ cyberspace as global common ” presents opportunities and challenges of cyberspace and digital infrastructure describes the inherently international approach to their safety and describes the main features of the new concept of cybersecurity in Spain.
Chapter 2 “ threats and challenges in cyberspace ” examines the major threats and challenges of cyberspace facing Spain.
Chapter 3 “ Purpose, principles and objectives for cyber security "is set forth the purposes and principles governing the strategy (unity of action, anticipation, efficiency and resilience), as well as the objectives, one general and specific five are transversal to all areas.
- Overall objective: spain will ensure the safe use of cyberspace, protecting the rights and freedoms of citizens and promote the achievement economic partner.
- Objective 1: security and resilience of networks and the information and communications systems of the public sector and essential services.
- Objective II: secure and safe Use of cyberspace vis-à-vis their illicit use or malicious.
- Objective III: protection of entrepreneurial ecosystem and social council and the citizens.
- Objective 4: culture and commitment to security and enhancing human capacities and technologies.
- Objective V: security of cyberspace at international level.
Chapter 4 “ lines of action and measures ” sets out the lines of action addressed to the achievement of established goals.
- Action line 1. To strengthen capacities to threats originating in cyberspace.
- Action line 2. To Ensure the safety and resilience of the strategic assets for spain. Includes the following measures: “ 3. Ensure the full implementation of the National security, the system of protection of critical infrastructure, and compliance and harmonisation of legislation on protection of critical infrastructure and essential services, with a priority approach based on risk. ” and “ 5. The Development Of the centre of Cyber Security of the General state administration to improve the capacity for the prevention, detection and response, and promote the development of centres of cybersecurity in the autonomous communities and local levels. ”
- Action line 3. Strengthening the capacities of investigation and prosecution of cybercrime, to ensure the safety and protection of rights and freedoms in cyberspace.
- Line of action 4. Promote the safety of citizens and companies
- Action line 5. Enhance cybersecurity spanish industry and the creation and retention of talent, for the strengthening of the digital autonomy.
- Action line 6. To contribute to the security of cyberspace at international level, to promote an open, plural cyberspace, safe and reliable, in support of national interests.
- Action line 7. Develop a culture of cybersecurity.
Chapter 5 “ cybersecurity in the system of national security ” integrates the cybersecurity in the current system of national security with the following components:
- The national security council.
- The Committee, Only on the whole system of national security to crisis situations.
- The National Council of cybersecurity.
- The Standing Committee of cybersecurity.
- The National Forum of cybersecurity.
- The competent public authorities and CSIRT national benchmarks.
Secretariat-General for administration Digital (SGAD)
contributes to this collective effort as a member of the National Council of Cybersecurity
in which, moreover, its holder is the Vice-President, and also for his leadership role, in close collaboration with the CCN
in the development process National security scheme (NHIS)
, and the promotion of common and shared services
in particular shared service managed security
materialized in the From the AGE of Cybersecurity
among other actions.
Original source of news