Category

Cybersecurity

TCAB participates in the event on the Cybersecurity Regulation organized by AMETIC

By | Acreditación, AMETIC, Auditoría, Centro Criptológico Nacional, Cyber-security, Cybersecurity, ENISA, EU Cybersecurity | No Comments

AMETIC, the Spanish ICT Business Association has organized an informative event on the new European regulation “Cybersecurity Act”, which from June 2019 will regulate the implementation of a common European framework for the certification of “Cybersecure” ICT products and services to promote cybersecurity of online services and consumer devices.

This European regulation not only seeks to increase the confidence of users in relation to the use of connected devices, but also to strengthen the European cybersecurity industry and the European Single Market, positioning it as a reference worldwide, in line with other markets such as the United States or China. The European Union Agency for Network and Information Security (ENISA), which through this regulation will be named as the new European Agency for Cybersecurity, will coordinate and harmonize policies at European level, and will support Member States in the implementation of plans and national strategies in the fight against threats and cybersecurity attacks.

Antonio Cimorra, director of Information Technologies and Digital Agenda of AMETIC, highlighted during the opening of the session the advances that the digital transformation has introduced in society, as well as the importance of ensuring cybersecurity. He also commented on the measures that, from AMETIC, and particularly from the Cybersecurity Commission where important suppliers of this technology meet, are being developed in this field. Cimorra also highlighted the association’s support for the new European initiative.

Later, Ignacio Pina, Technical Director of the National Accreditation Entity (ENAC), explained that, “although the regulation will not be mandatory at the beginning, as far as certification is concerned, it is spected that the market will regulate itself fostering its adoption “. Pina added that “certification in itself does not generate security, but rather seeks to build trust among consumers”. In this regard, he commented that “the transition between current national certification schemes in force and the new common European framework will be gradual”. On the other hand, he stressed that “the role of the industry in defining the certification schemes that derive from this regulation, is essential for them to be aligned with market needs.”

Implications of “Cybersecurity Act”

Next, Cybersecutity focused round table was held witht the motto “How does the Cybersecurity Act impact on companies in the digital sector ?”.

Round table was presented by David González, president of the AMETIC Cybersecurity Commission and Head of Sales for Europe and North Africa of G & D. The participants were Mariano José Benito, CISO of GMV; Jesús María Alonso, Head of Consulting Spain of ATOS; Ainhoa ​​Inza, CEO of TCAB (Trust Conformity Assessment Body), and Miguel Bañón, CEO of EPOCHE & ESPRI.

They discussed the implications of the certification regulation for the activity of companies in the digital sector, and the following steps to address in this new scenario.

In general, the participants commented that it is a very positive initiative since, despite being a voluntary regulation for the time being, it is expected that its impact on the market will increase the number of certified secure ICT products in a significant way. They also highlighted that, for Spain, it is an opportunity for consolidation at the European level in terms of cybersecurity, taking advantage of the fact that the Spanish certification ecosystem is among the best considered in Europe.

On the other hand, it has been highlighted that, since there is no penalties framework within the regulation, it is important for companies to detect the benefit of certification, such as the impact on the consumer in terms of trustworthiness. They have also commented that the objective of this initiative is that consumers “get used” to verify that those ICT products or services that they buy or consume, carry the seal of safety certification.

Finally, the presentation by the expert representative of the National Cryptological Center (CCN), an entity that currently coordinates the work of certification in cybersecurity at the national level, addressed how the new Scheme will be adopted in Spain. CCN has coincided with other speakers in the great opportunity that “Cybersecurity Act” supposes for the European and Spanish cybersecurity industry when it comes to positioning Europe in line with other markets.

24-28/09: Date with NIS Summer School in Greece

By | Ciberseguridad, Cybersecurity | No Comments

The fifth edition of NIS Summer School on Network and Information Security (NIS’18) will take place from 24th to 28th September in Heraklion (Greece).

NIS Summer School is organized by the European Union Agency for Network and Information Security (ENISA) and the Foundation for Research and Technology (Hellas). The meeting will reunite for four days different players in the sector such as the Public Administration , private sector companies and non-profit organizations.

This edition’s focus is “The Changing Risk Landscape”. The IT sector lives in constant evolution, which poses significant challenges. Due to this, the actors involved must accelerate their reaction time and encourage the exchange of collaboration and information to achieve adequate and effective responses to the challenges that may arise.

With this Summer School, ENISA seeks to promote a culture of cybersecurity in the EU. The aim is to  improve the capacity of Member States when responding to cyber-attacks. ENISA follows a risk mitigation strategy by raising awareness and publishing studies and reports on current NIS issues.

Disseminating works on Cybersecurity Threat Intelligence

Non-profit organizations working in Cyber Threat Intelligence will have the opportunity to present their work during the event, which may be related to Horizon 2020 projects, national academic research, development projects and open source communities.

Presentations at NIS Summer School

During NIS Summer School there will be a large number of speakers who come from both the public and private sectors and the university environment. Specifically, the following stand out:

  • Nektarios Tavernarakis (FORTH President)
  • Udo Helmbrecht (ENISA Executive Director)
  • Damien Cauquil (Head of Research & Development Digital Security – Econocom)
  • Piotr Kijewski (Strategic Programmes Manager The Shadowserver Foundation)
  • Prof. Dr. Ir. Bart Preneel (Full Professor Katholieke Universiteit Leuven)

 Data of the event

Date: 24th-28th September, 2018
Place: Galaxy Hotel Iraklio – Leof. Dimokratias 75, Iraklio 713 06, Grecia
URL: https://nis-summer-school.enisa.europa.eu/

To see  NIS Summer School 2018 program, click here.

NIS Summer School 2018

Event on cybersecurity held by ENISA last April 24th

By | Ciberseguridad, Cyber-security, Cybersecurity | No Comments

On April 24th, a new edition of the event on cybersecurity organized by the European Network and Information Security Agency, ENISA, took place in Brussels (Belgium).

The conference was aimed at small and medium enterprises (SMEs), professional associations and public bodies related to the Internet of Things (IoT) and certification activities.

The objective of the event was, on the one hand, to increase awareness and deepen knowledge of the IoT and Industry 4.0 and its effect on the European cybersecurity market. On the other hand, it sought to increase collaboration among the members of ENISA by identifying common interests.

In addition, the ENISA Industry Event provided participants with an overview of the EU Certification Framework and its relationship with the European cybersecurity industry.

About “ENISA Industry Event”

The event, organized since 2015, serves to share knowledge about the cybersecurity sector. The fundamental objective of this activity is none other than to build a community in the cybersecurity sector in both the public and private sectors of the EU.

If you want more information about the event, please click here.

To consult the agenda of the day, please click here.

International Security Forum 2018 (FIC) to be held in Lille shortly

By | Cybersecurity | No Comments

The tenth edition of the International Security Forum 2018 (FIC) will be held next 23 January to 24 January 2018 in Lille (France).

This event is considered as the leading event on Cybersecurity and Digital Trust in Europe. It aims at promoting a collective European vision of cybersecurity and strengthening fighting against cybercrime.

This year’s topic is “Hyperconnection: the resilience challenge”. We are inmersed in a “hyperconnection” era like never before, people are connected at all times and interact continuously.

In order to communicate, we use networks, which pose resilience challenges. Networks are vulnerable and, therefore, they respond in different ways to the consequences of an attack. Most Governments and IT companies in the world are trying to respond to these threats by developing new security technologies and adopting their behaviors and practices. This set of changes and new practices is now called “Cyber Resilience”.

The International Security Forum 2018 (FIC) will count with the presence of important public personalities such as the French Interior and Defense Ministers, the the Secretary of State for Digital Economy and the European Commissioner for the Security Union.

There will also be numerous speakers with different backgrounds, i.e. engineering and IT companies (Thales, Airbus, Google, among others), Universities (University of Grenoble Alps), Public Sector (Ministry of the Armed Forces of France, European Commission, European Parliament, etc.) and International Think Tanks (Carnegie Endowment for International Peace).

The fair is divided in the following sections:

  • A Trade show to bring together members of the industry and their products and services.
  • A Forum to discuss and debate with experts, to gather ideas and to share professional lessons .
  • An Observatory to continue exchanging views and information after the FIC, to explore topics in greater depth and to consolidate our network of experts and like minded throughout the year.

The event will be held in at the Lille Grand Palais and the opening hours will be:

  • Tuesday, January 23th 2018 – 09:00 to 19:00.
  • Wednesday, January 24th – 09:00 to 18:00.

 

José Antonio Mañas receives the Prize for a Professional Career

By | Cybersecurity | No Comments

José Antonio Mañas, a member of TCAB Certification Committee, has received the Award for a Professional Career. The Vice-President of the Government, Soraya Sáenz de Santamaría, awarded this prize during the XI CCN-Cert Conference.

Our fellow worker has been a Systems Engineering Professor  at the Technical School of Telecommunications Engineers of Madrid (ETSIT) for over 35 years.

He has also worked as a consultant in different projects. Two fundamental milestones are the creation of the version 2 of the Magerit methodology for Risk Analysis and Management of Information System. He also collaborated in the development of the PILAR/EAR risk management tools in collaboration with the National Cryptological Center-CCN.

José Antonio also has a broad professional experience in the research field. He has written several books on the Telecommunications and Cybersecurity fields. Among others, he has written “Vademecum Java”, “Seguridad de las Tecnologías de la Información” and “Seguridad de las Tecnologías de la Información”.

 

 

About the XI STIC CCN-Cert Conference

XI STIC CCN-Cert Conference took place in Madrid in December 13th and 14th, 2017.  The National Cryptological Center organizes it and is is a major meeting point for experts in cybersecurity in the country, Public Administrations and strategic companies in the field.

Its main topic in this edition was “Cyber threats, the challenge of sharing“. The main figures have steadily grown in the last years. In this edition there were over 1,700 attendees and more than 700 companies from various fields. 55 professionals from the cybersecurity field presented their products and ideas, among 150 proposals.

The Conference also had 30 sponsors, among which, IBM, Minsait-Indra, Eulen Security, Nextway, Kaspersky, Telefónica and Isdefe; and also 13 collaborating entities, such as AMETIC, the Center for Industrial Cybersecurity (CCI), ISACA and ISMS Forum Spain.