INCIBE plays a fundamental role in bringing cybersecurity closer to the general public and businesses
Alberto Hernández
Cybersecurity is already one of our society's main concerns. We are increasingly aware that the use of technology brings with it associated security risks and we have to manage them properly, both at the country and at the citizen level. Cybersecurity crisis, such as the "Wannacry" one that occurred last May, have marked a before and an after in the perception that society has of cybersecurity and have produced a fundamental change in the awareness in our country.
The National Institute of Cybersecurity (INCIBE), a body reporting to the Ministry of Energy, Tourism and Digital Agenda through the Secretariat of State for the Information Society and the Digital Agenda, has as its main mission to improve the cybersecurity of the general public and the private sector in Spain, from small and medium enterprises to strategic companies and critical infrastructure operators.
Our activity focuses on three fundamental areas, all of them with the aim of improving cybersecurity in Spain.
The first consists of the output of public services focused on both prevention and awareness as well as detection and response in case of a cybersecurity incident or cyberattack.
There are numerous activities that we carry out to bring cybersecurity closer to the general public and industry, always in a transparent and uncomplicated way, humanizing cybersecurity.
This is to say, we all use technology and therefore we have to care about, understand and deal with cybersecurity. We have to give this message not only to parents, but also to children and young people and to the elderly. The same goes for industry. We also know that there are many large companies that invest in cybersecurity, as well as small and medium companies, which account for more than 95% of companies in Spain, also have to work on it and this is our job: to inform them and help them to achieve it.
WE HAVE MANAGED TO IMPROVE OUR DETECTION CAPACITY
In the field of detection and response, INCIBE has been operating since 2012, in joint coordination with the National Centre for the Protection of Critical Infrastructures (CNPIC) of the Ministry of the Interior, and the Security Incident and Security Cybersecurity Incident Response Centre CERTSI. From the CERTSI we work intensely in the development and improvement of the proactive detection capacity of cyberincidents or cyberattacks that happen in Spain and which affect the general public and private sectors, to detect them, analyze them and bring them to the attention of those affected before they have a significant impact. Through the CERTSI we have managed 108,696 security incidents as of September 30th, and if we compare this figure with that of the past years (115,000 in 2016, 50,000 in 2015 and approximately 18,000 in 2014) we see that this number is growing year by year. On one hand, this increase is due to the fact that we have significantly improved our detection capacity, and that as time goes on the general public and industry report more cases because it increases their level of confidence regarding INCIBE, and not only this, but also because the number of cyberattacks It is increasing considerably.
For proactive detection, INCIBE does not monitor the activity of the general public or companies, something that would quite likely undermine their confidence in INCIBE,
but within the framework of national and international collaboration agreements and also with the cybersecurity industry itself, we establish information exchange mechanisms that allow us to make this detection.
However, it is not only meaningful to detect what is happening, but also to analyze it and inform the public and companies affected. Accordingly, INCIBE is an international reference, having grown and implemented a quite innovative service, where thanks to the collaboration with ISPs (Internet providers such as telecommunications operators) we can proactively identify the IPs of users infected by some type of malware and we can communicate this directly through the ISP helping them in disinfection. This service is a clear example that cybersecurity has to be constructed between all agents, being the collaboration between the public sphere and the private sector fundamental in the protection of our the general public and companies.
WE SUPPORT STARTUPS
As a second axis of activity, INCIBE works in the development of innovative technologies to combat cybercrime, as well as in the training of police investigation units working in this field. Noteworthy is the Cyber Security Summer Boot Camp initiative, organized jointly by INCIBE and the Organization of American Countries (OAS), where, only in 2017, there were 300 people belonging to the FCSE, national CERTs and judges and prosecutors from 29 countries who were trained in the latest cybersecurity practice, techniques and trends.
Finally, highlighting INCIBE's mission to support the development of
the national industry in the cybersecurity field, this is to say, we work to achieve a more competitive industry in the international arena and to support start-ups, entrepreneurship and the promotion of talent. There are studies on the considerable unmet demand for cybersecurity professionals in Europe, which is also the case in Spain.
From INCIBE, we are supporting initiatives to promote interest among young people to dedicate themselves to this sector, identifying talent and establishing contact with companies.
There is still a considerably amount to do, but I think we are on the right path. Proof of this is the European cybersecurity competition, a European Cybersecurity Challenge, where the Spanish team made up of 10 young talents, became the European champion last year. This shows that there is talent in Spain and that the activities we are carrying out are bearing fruit.scovering vulnerabilities as a challenge or fun.
In short, for INCIBE the three major challenges of cybersecurity in Spain in which we will continue to work, consist of: being aware and protected as a country, having talent and young people who can work on this matter in the future, and making cybersecurity a global sector that we can sell abroad.
