At CSIRT, we offer specialized legal advisory services for affiliated local entities. Our team of legal experts is prepared to help you navigate the complex cybersecurity regulatory framework, ensuring that your organization complies with all applicable regulations and laws.
We know that public administrations face unique challenges in handling sensitive information and complying with security regulations. We therefore provide guidance so that these institutions comply with the security and privacy standards established in current legislation, including the National Security Framework (ENS) and the General Data Protection Regulation (GDPR).
Included services
The National Security Framework (ENS) is a set of guidelines and regulations established by the Spanish Government to ensure the security of information systems used by public administrations and other public sector bodies. Its main objective is to ensure that information systems are secure, reliable and resilient, protecting both data and technological infrastructure against threats such as cyber attacks or unauthorized access.
In this context, CSIRT-CAN offers a specialized service to support entities that need to carry out an ENS audit for the first time or the control audit every 2 years, depending on the entity's accreditation level.
What does the service consist of?
- Initial assessment: A comprehensive diagnosis of the entity's current situation is carried out, evaluating compliance with the requirements established by the National Security Framework (ENS).
- Action plan: Security gaps are identified and a detailed plan is designed to ensure that the entity meets the required security levels.
- Implementation of security measures: The entity is supported in applying technical, operational and organizational measures to protect public information and ensure its integrity.
- Support during the audit: Continuous assistance is provided during internal and external audits, ensuring that the entire process is carried out with transparency, efficiency and in accordance with established standards.
With the implementation of the General Data Protection Regulation (GDPR) and the Organic Law on Data Protection and Guarantee of Digital Rights (LOPDGDD), public entities are required to meet a series of requirements regarding the protection of personal data. CSIRT-CAN offers a specialized audit service to help entities assess and improve their personal data management practices.
The aim of this audit is for companies to certify that the data in their systems is treated appropriately and in compliance with applicable regulations at all times.