Cybersecurity Law Code

There is a European Directive, Directive 2016/1148, regarding the measures aimed at guaranteeing a high common level of security in the networks and information systems of the Union. This Directive has a couple of articles related to the security of networks and information systems for essential service operators and digital service providers.

Article 14 states that «Member States shall ensure that operators of essential services shall take appropriate and proportionate technical and organizational measures to manage the risks to the security of the networks and information systems» used in their operations. Given the situation, these measures will guarantee a level of security of the networks and information systems that is adequate in relation to the risk posed.

Likewise, the competent authority or the CSIRT (Computer Security Incident Response Team) must also be notified without undue delay of incidents that have significant effects on the continuity of the essential services provided, so that institutional or national measures can be taken in this regard, where appropriate.

In addition, in June 2019 the EU Cybersecurity Regulation entered into force, and introduced:

  • A certification system for the whole EU,
  • A new and strengthened mandate for the EU Agency for Cybersecurity.

The EU has established a single EU-wide certification framework that builds trust. It increases the growth of the cybersecurity market and facilitates trade across the EU.

In Spain we have a Cybersecurity Law Code, published in the Official State Gazette, to ensure the aforementioned cybersecurity.

Regarding cybersecurity at a technical and organizational level, it is necessary to take into account the new European Data Protection Regulation, Regulation (EU) 2016/679, as well as the existence of other types of international protocols or standards, especially those related to the international transfer of data, such as the Privacy Shield.

These are just some of the rules that protect cyberspace. But there are many more detailed ones that regulate even more specific aspects.

Therefore, cybersecurity covers many subjects related to criminal and civil law, and the protection of honor or privacy, among others, that are also applied in the real and physical world, with the resulting impact of occurring in the digital world.

Also, on 15 September 2022 the European Commission published a proposal for a Cyber Resilience Act (the ‘Regulation’), which aims to:

  • improve transparency so that users can take cybersecurity into account when selecting and using a product with digital elements.

The Regulation will affect a wide range of parties in the technology supply chain. You will need to consider how the additional cybersecurity requirements will affect your manufacturing and distribution processes. Although most of the obligations will take effect 24 months after entry into force, manufacturers will only have 12 months to comply with the Act’s reporting obligations.

Sources:

  • technologylawdispatch
  • enisa.europa.eu

Cybersecurity, a growing priority

Recently, there has been a staggering rise in cybersecurity threats. This is primarily due to the coronavirus pandemic. Increased geopolitical tensions and cloud and IoT adoption have made companies vulnerable to more frequent and damaging cyber-attacks, creating a greater need for security infrastructure and talent.

It is fair to say that convergence can be good for vendors but challenging for users. For many organizations, the prospect of any software platform conversion means more costs, more and possibly different licenses, and added usage. Also, product convergence eliminates competition, potentially leading to higher prices and fewer choices.

Today’s organizations need a cloud-based platform that supports centralized management of remote and mobile access to the data center or cloud, and:

  • Unifies access policies for on-premise and cloud deployments
  • Addresses the nuances of enterprise mobile security
  • Reports on the health of all appliances and devices
  • Provides a mass-provision workspace for deploying patches and features

Other challenges these organizations face include:

  • Error-prone access management.
    Managing access security appliances on a box-by-box basis is time-consuming for resource-strapped IT teams – and it’s an approach that is prone to error.
  • Disparate point solutions.
    Separate solutions for remote, local, and mobile enterprise access increase equipment expenditures, operational overhead, and compliance complexity.
  • Burdensome bulk operations.
    Without centralized management capabilities, IT teams can’t easily perform firmware updates and policy changes across the enterprise, or replicate configuration and policies from one appliance to many.

Identity

Identity started with a focus on humans. Thus, identity is something that can describe a person with a consistent set of details/attributes. But in the era of digital transformation, it is not limited to human identity only.

A comprehensive identity platform allows for a common user experience across multiple applications and systems (both legacy and modern). In addition, it will enable consumers and distributed workforces to use the same authentication method to access applications and resources across different enterprises.

Soffid helps organizations increase the maturity of their program by protecting your company from breaches while still aiding productivity, competitiveness, and maintenance of the regulatory framework.

Sources:

(1) computer.org
(2) Technology Hits
(3) Solutionsreview

Picture: Graph photo created by rawpixel.com – www.freepik.es