New Spanish guide on the notification and management of cyber-incidents

By Alexander Benalal, Maria Berlanga


Spain goes one step further in network and information systems security by publishing a national guide on the notification and management of cyber-incidents - the first of its kind in Europe.

The document, which was recently approved by the National Cybersecurity Council, responds to Spanish companies' growing need for information regarding cybersecurity.

It should be noted that the obligation to inform the competent authorities about any cyber-incidents they suffer applies not only to Public Administrations, but also to organisations considered critical infrastructures or strategic operators within their field and/or operators of essential services or digital service providers under the terms of Royal Decree 12/2018 on security in networks and information systems (transposing the NIS Directive) and Law 8/2011 on Critical Infrastructures ("Ley PIC").

Beyond serving the entities required to report cyber-incidents, this document is designed to be an essential reference guide in which any entity, public or private, citizen or agency, can find a scheme and precise guidance on how and where to report a cybersecurity incident that has occurred within its sphere of influence.

The document also establishes a one-stop notification system, classifies incidents by type (abusive content, harmful content, intrusive, fraudulent content, etc.) and catalogues them by hazard level (critical, very high, high, medium or low), which helps with the analysis, containment and eradication of cyber-incidents.

In addition, this guide establishes how the incident opening process will be carried out and the interaction with the relevant CSIRTs (security incident response teams), detailing the minimum information which must be given to the competent authority and describing the different phases concerning the management of cyber-incidents (preparation, identification, containment, mitigation, recovery and post-incident actions).

In our opinion, this document - together with all existing cybersecurity regulations - will help Spain to have an increasingly effective framework for preventing and managing the threats and risks currently facing our systems and will provide our society with the security required by our institutions and economy.

You can consult the cyber incidents guide here (in Spanish).