CCN-STIC-301

security measures TIC


"/> CCN-STIC-301 security measures TIC to implement Systems is a Classified technical instruction compulsory for all systems that use classified information "/>. PAe - New Guide CCN-STIC à mettre en Classified Systems
accesskey _ mod _ content

New Guide CCN-STIC à mettre en Classified Systems

22 january 2020

The Guide CCN-STIC-301 security measures TIC to implement Systems is a Classified technical instruction compulsory for all systems that use classified information.

It is available for consultation in the private party portal CCN-CERT , CCN-STIC-301 (Opens in new window) "href =" https :// www.ccn-cert.cni.es/series-ccn-stic/300-instrucciones-tecnicas/56-ccn-stic-301-requisitos-stic/file.html "rel =" noopener noreferrer "target =" _ blank "> Guide CCN-STIC-301(Opens in new window) security TIC à mettre en Classified Systems. The purpose of this technical instruction all minimum CALLED “ CONSPICUOUS ” RELIGIOUS SYMBOLS which must be implemented in the public authorities, when handling classified information in the modes of operation “ dedicated ”, “ when a unified ” or “ compartmentalized ”.

The Guide is particularly necessary in a context of increasing the cyber attacks, coupled with the possible consequences that for a country would have to a security incident would affect their systems to manage classified information. This entails the need to increase and enhance the capacities of prevention, monitoring, surveillance and response, through cyber security Operations ( SOC ), as a means to optimize its resources on the basis of information and the services they provide.

The content of this guide, binding on all systems that use classified information, is organized in accordance with differentiated three annexes:

  • Annex: Requirements STIC for that specific information systems handling classified
  • Annex B: Requirements STIC for that specific information systems handling classified until limited broadcast
  • Annex C: Statement of Applicability ENS high status for limited broadcast.

An important aspect of the document is included, for the first time, the security measures to apply to annex II Royal Decree 3/2010, of 8 january (Opens in new window) , which regulates the national security in the area of E-government. Thus, the measures referred to in subparagraphs (a) shall take such as a reference.

Original source of news (Opens in new window)

  • Security