Bcsc Libro Blanco V7.1 En.Pdf

Bcsc Libro Blanco V7.1 En.Pdf

CONTENTS 1. PREFACE ....................................................................................................................... 3 2. GLOSSARY .................................................................................................................... 4 3. THE BASQUE CYBERSECURITY CENTRE ................................................................. 6 4. METHODOLOGY ............................................................................................................ 8 5. SECTOR ACTIVITY IN THE BASQUE COUNTRY ...................................................... 10 5.1 Sector data and statistics ....................................................................................... 10 5.1.1 Basque Country Players .................................................................................. 10 5.1.2 Threats to the Basque Country ........................................................................ 12 5.1.3 Cybersecurity in industrial environments.......................................................... 15 5.1.4 Cybercrime ....................................................................................................... 16 5.2 Cybersecurity Research in the Basque Country ..................................................... 18 5.3 Cybersecurity Innovation and Entrepreneurship in the Basque Country ................ 21 6. PROFESSIONAL PROSPECTS AND NEEDS ............................................................. 24 7. LISTING OF CYBERSECURITY COMPANIES AND SOLUTIONS ............................. 29 7.1 Market Players ........................................................................................................ 30 7.2 Description of the taxonomy ................................................................................... 31 7.3 Company listing ...................................................................................................... 35 7.3.1 Manufacturers .................................................................................................. 39 7.3.2 Wholesaler / Distributor .................................................................................... 47 7.3.3 Integrator / Consultant ..................................................................................... 50 7.3.4 Public Administration ....................................................................................... 80 7.3.5 University ......................................................................................................... 82 7.3.6 Vocational Training centres .............................................................................. 84 7.3.7 Basque Science, Technology and Innovation Network .................................... 86 7.3.8 Associations ..................................................................................................... 89 8. CONCLUSIONS ............................................................................................................ 93 9. BIBLIOGRAPHY ........................................................................................................... 95 WHITE PAPER ON CYBERSECURITY IN THE BASQUE Page 2 of 95 COUNTRY 1. PREFACE Today the adoption of technology by society has posed a challenge for the public and private sectors which had to get involved in current breakthroughs to meet the new society and market demands, as new technologies are integrated in their development at an increasingly faster rate. New technology adoption has entailed not only the digital transformation of society, public organisations and businesses, but also the emergence of new threats and risks. In order to minimise the impact of new threats and risks on the EU, the European Commission has launched a cybersecurity strategy aimed at promoting the European values of freedom and democracy as well as safeguarding the safe growth of the digital economy. To this end, the EU has recently passed the Network and Information Systems Directive (known as NIS Directive) among other regulations and directives, to boost the cyber-resilience of IT systems, reducing the impact of criminal activity on the internet while strengthening the international EU cybersecurity and cyber defence policy. Furthermore, the General Data Protection Regulation (EU) 2016/679 (hereinafter, GDPR) passed on 27th April by the European Parliament provides a new legal framework regarding data protection for the entire EU. The GDPR reinforces privacy principles and regulates new rights for data subjects and new obligations for data controllers, all on the basis of a new accountability and proactive responsibility principle which imposes high diligence duty of care upon organisations involved in operations entailing personal data processing. Against this backdrop, the Basque Country, as an example of advanced modern society, is heading towards a more cohesive, increased security and resilience social model. Thus, thanks to the initiative led by the Basque Government, the Basque CyberSecurity Centre (hereinafter, the BCSC or the Centre) was created under the organisational structure of the Basque Business Development Agency or Association for Competitive Transformation – Eraldaketa Lehiakorrerako Sozietatea S.A. (hereinafter, SPRI), dependent on the Basque Government Department of Economic Development and Infrastructures. The purpose of this study is to provide an overview of the general Basque cybersecurity Ecosystem scenario, showing an analysis of the cybersecurity sector, including key factors such as prospects and opportunities for the sector, as well as describing in detail the current situation of cybersecurity organisations operating in the Basque Country. WHITE PAPER ON CYBERSECURITY IN THE BASQUE Page 3 of 95 COUNTRY 2. GLOSSARY Includes the definition of some terms used in this document: ▪ Threat: Refers to any event leading to an incident that may cause material or non- material damages to assets. Events may be of different types such as: natural, industrial, unintentional mistakes or intentional attacks. ▪ Big Data: Refers to the management and analysis of extremely large data sets which cannot be processed using conventional data processing methods, as they exceed the limits and capacities of the software tools usually employed in data capture, management and processing. ▪ Cloud Computing: Refers to a type of computing that enables technology providers to offer IT services via Internet. This enables software and other data to be offered to clients upon request. ▪ Computer Security Incident Response Team (CSIRT): Refers to an infrastructure made up of a team of experts responsible for developing preventive and corrective measures to respond to security threats in IT systems. ▪ Firewall: Refers to a network security system designed to prevent unauthorised access and allow authorised access. It consists of a device or a set of devices set up to allow, limit, code or decode traffic among different areas based on a set of rules and other criteria. ▪ National Cybersecurity Institute (INCIBE): The Spanish National Cybersecurity Institute reports to the Spanish Ministry of Economy and Business (MINECO) through the Secretary of State for Digital Advancement (SEAD). It refers to a benchmarking institution nationwide for the development of cybersecurity and digital trust for citizens, the Spanish Academic and Research Network (Red Iris) and businesses, and particularly for strategic sectors. ▪ Industry 4.0: refers to the introduction of digital technology in manufacturing and industrial environments. This means the digital transformation is applied to the production process. ▪ Malware: Refers to malicious software designed for multiple purposes including the extraction of personal data and passwords, stealing funds or preventing users from accessing their own device or information, etc. ▪ Open-source: Refers to software distributed under a type of software licence which allows the source code to be freely used for analysis, modification and improvement, and even shared by the end user, provided he/she has the necessary knowledge, ▪ Security Policies: Refers to internal policies implementing technical and organisational measures necessary to ensure secured information technologies (computing devices, information systems, networks, etc.) and security for those interacting and using the services associated with them. WHITE PAPER ON CYBERSECURITY IN THE BASQUE Page 4 of 95 COUNTRY ▪ Ransomware: Refers to a type of malicious software that infects equipment and enables cybercriminals to lock a device from a remote location and encrypts the files, preventing the control of stored information and data. Malware launches a pop-up window demanding ransom payment, usually in a virtual currency (such as bitcoins). ▪ General Data Protection Regulation (GDPR): Regulation (EU) 2016/679 of the European Parliament and the Council of 27th April 2016, for the protection of natural persons in the scope of the processing of their personal data and free movement of such data within the EU, which replaces the Data Protection Directive 95/46/EC. ▪ Spam: Refers to irrelevant, unsolicited messages or messages sent from unknown senders (spam), typically for advertising purposes and generally sent to a large number of users (even massive) causing damage to the recipient in some or several ways. ▪ Spyware: Refers to software that gathers data from a computer to then forward them to a third party without the consent or knowledge of the data subject. ▪ ICT: Information and Communication Technology

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    95 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us