The council of ministers has decided that tuesday, the launching of a package of urgent proceedings in terms of cyber security. The aim is to strengthen immediately the capacities of defence against cyber threats on the public sector and on the entities that provide services and technologies at the same.
The agreement adopted include the adoption of an emergency Plan of cybersecurity, updating the national security and the promotion of measures to increase the level of cyber-technology suppliers of public sector.
These actions will strengthen effectively the capacity for prevention, detection, protection and defence against the realization of the cyber threats. In addition, it ensures that the digital transformation accompanied by organizational and technical measures provided to security risks, which promotes confidence in the use of digital technologies by the economic players and citizenship.
Emergency Plan of Cybersecurity
Among the measures that includes this emergency plan include protection against malicious code (especially the type aimed at the destruction of the information through its encryption), the extension of services for the detection of cyber threats in user equipment, the implementation of the monitoring of remote logins, strengthening the capacities of search for threats, enhancing the capabilities of ciberinteligencia, the extension of the implementation of the use of the second factor in the identification and authentication, the deployment of capacities for notification of and follow-up to the ciberincidentes, business continuity and disaster recovery, sensitizing and training, and the revision of the regulation of cybersecurity.
The second proceedings of the package agreed by the government this tuesday, is the updating of national security, which dates back to a stage with a policy context, social and technological development which has undergone a radical change. It shall be processed and urgently adopt a royal decree which replaced the Royal Decree 3/2010, of 8 january, which regulates the national security in the area of E-government.
The national security (NHIS) offers a common approach of basic principles, requirements, protective measures and mechanisms for monitoring compliance and committed, adapted to the public Sector in the ongoing management of security for the administration. The NHIS is a blueprint of application to public Sector entities and indirectly, the private Sector entities that cooperate with those in the provision of public services. It Is an essential tool to ensure that the administration is digital robust and reliable.
Security in the private sector
The third action is to promote and encourage the adoption of policies, standards and safety management in the private sector in particular by increasing the level of cyber-technology suppliers of public Sector given the evidence that of a cybersecurity agency was also conditional on their suppliers.
Implementation of the centre of cyber security Operation of the General state administration and its Agencies (COCS)
Simultaneously to the implementation of the urgent action package in terms of cyber security, runs the implementation of the centre of cyber security Operation of the General state administration and its Agencies (COCS).
The COCS will strengthen the capacities for monitoring, prevention, protection, detection, response to incidents of cybersecurity, counselling and support for the management of security of a centralized mode, through the relevant service catalogue, which through optimization and economies of scale allows for better effectiveness and efficiency, with the savings of money, effort and time derivatives.