PAe - New Guide CCN-STIC to implement on systems Classified
the accesskey _ mod _ content

New Guide CCN-STIC to implement on systems Classified

22 January 2020

The Guide CCN-STIC-301 safety measures to be implemented in TIC Classified Systems is a technical instruction binding on all systems to handle classified information.

Already available for consultation, in the private part of the portal of CCN-CERT, CCN-STIC-301 guide (Opens in new window) security measures of the TIC to implement on systems Classified. The object of this instruction technique is set minimum STIC requirements that must be implemented in systems of public administrations, when handled classified information in modes sure operation “ devoted ”, “ unified to the top level ” or “ compartmentalized ”.

The guide is especially needed in a context of increased cyberattacks, coupled with the potential consequences for a country would be a security incident affecting their systems that handle classified information. This implies the need to increase and improve the capabilities of prevention, monitoring, surveillance and response, through operations centres of cybersecurity (SOC), as a way to optimize their resources based on information that handle and the services they provide.

The content of this guide, binding on all systems to handle classified information, is structured around three distinct annexes:

  • Anexo A: Requisitos STIC específicos para sistemas que manejan información clasificada
  • Annex B: Requirements for specific STIC systems that handle classified information until limited diffusion
  • Annex C: Declaration of Applicability ENS category High for dissemination limited.

An important aspect of the document is included, for the first time, security measures to implement with Annex II of Royal Decree 3/2010, of January 8th (Opens in new window) , which regulates the national security Scheme in the area of E-government. In this way, the measures referred to the preceding paragraphs shall take these as a reference.

Original source of the news (Opens in new window)

  • Security
General access point
General access point