Technology The Administration continues to shield itself: Red.es awards its cybersecurity operations center...

The Administration continues to shield itself: Red.es awards its cybersecurity operations center for 2 million euros

After the government hastily approved its national cybersecurity plan last year, just a few days after the war in Ukraine broke out, the different entities of the General State Administration they continue to shield themselves.

The Government has already awarded Telefónica and Indra the constitution and service of its Cybersecurity Operations Center, for more than 40 million, and it is expected to be fully operational in the second half of this year.

The Official State Gazette publishes this Thursday the formalization of a contract: the start-up of the Cybersecurity Operations Center —CiberSOC— service for Red.es, a public business entity attached to the Ministry of Economic Affairs and Digital Transformation.

The chosen contractor has been GMVa Spanish business group that began to grow after its birth in the 80s after being chosen as the contractor of the European Space Operations Center (ESOC) of the European Space Agency.

As the person responsible for the Red.es SOC service, the company will have to ensure the security and response capacity of the entity against cyber threats. For this she will also collaborate in the programs of ethical hacking —penetration tests contracted by Red.es to third parties— and will improve the institution’s operations in the face of these digital challenges.

The formalization of the contract, valued at about 2 million euros, was signed on February 1, although the technical and administrative specifications of the contract were known in the middle of last year and the service was actually awarded at the beginning of this same 2023 .

The wording of the project contemplates the possibility that this new CiberSOC of the public sector joins the network of security operational centers (SOC) that the Government also presented almost a year ago. The cybersecurity sector has been encouraging both the public and private sectors for years to be more collaborative sharing information about threats.

The head of Cybersecurity of Google Cloud sees the cloud as “an immune system” in which companies will want to be: this will be the digital threats of 2023

Hackers at a cybersecurity conference, Def Con, in 2017.Hackers at a cybersecurity conference, Def Con, in 2017.

Everything that surrounds a cyberattack and its effects and consequences is usually shrouded in a halo of mystery and opacity: no organization is interested in third parties pointing out their vulnerabilities, especially when these have been able to significantly affect their operations and even their customers. .

However, from the point of view of specialists in the field, the possibility of sharing information helps other companies to benefit from the experiences of the first victims of a computer attack. Depending on the type of challenge, it will only be possible to be closer to immunity if information flows.

The appearance of security operations centers such as the ones that Red.es is launching now helps precisely in this sense, given that their functions can also range from threat analysis to prevention, training, rejection and incident response.

The technical specifications of the contract already awarded stipulate that this Red.es CiberSOC “must maintain a holistic and strategic vision of cybersecurity”, analyzing it “in a corporate, transversal, multi-departmental context” and making “when appropriate, recommendations or suggestions for any level or area”.

In addition to proliferation, the Government announced last year the launch of a system to exchange information on threats, which could become a network of lookouts for digital threats.

The protection of Red.es, for its part, is crucial: this public entity is one of the organizations that is most promoting the digitization of the economy through aid programs for SMEs and companies.

In the year 2021, in the span of just a few months, the Public Employment Service (SEPE) suffered a cyberattack with ransomware. Then the Ministry of Labor fell. For weeks, officials found it difficult to work normally. The appearance of SOC throughout the General State Administration is the logical response to those incidents.

NO COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here