City Council implements new system to effectively manage cyber threat alerts

Subsidized with European funds for Digital Transformation, the center guarantees the security of the infrastructures, communications and digital services provided by the Consistory and improves its ability to prevent, detect and respond to attacks or incidents.
The Estepona City Council has activated a new information security system for the effective management of cyber threats. The physical hardware device has been deployed in the Data Processing Center (CPD) and is allowing the collection and centralized storage of files (logs), detection and advanced management of threats, as well as the effective management of the response and forensic analysis of all those that potentially affect the information systems of the City of Estepona, so that a rapid response is given to those that come to materialize.
Likewise, this action encompasses a set of measures aimed at improving the information security of the Consistory, allowing to have the capacity to detect, analyze and respond to security incidents that may occur in the networks and information systems.
The development of the new cybersecurity operations center has been financed through grants for the Digital Transformation and Modernization of the Administrations of Local Entities, from EU Next Generation funds. Specifically, a total of 54,557.91 euros has been allocated to this project.
The City Council has carried out several actions for the implementation of the system such as the implementation of cybersecurity infrastructures to improve protection and secure the perimeter of the entity, as well as a correct configuration, administration, control and management of the same; the implementation of tools and services for monitoring, prevention, detection, analysis, response and advice, as well as the design, implementation and operation of cybersecurity processes; the creation of a cybersecurity dashboard; a management and operation plan; and a training plan for the staff.
All this makes it possible today to guarantee the security of the infrastructures, communications and digital services provided by the City Council and to improve its capacity to prevent, detect and respond to attacks or security incidents; to have a tracking system that allows the monitoring of the systems; sharing all the information with other public administrations integrated in the National Platform for Notification and Monitoring of Cyberincidents; improving the protection of the information processed and stored in all the information systems of the City Council; protecting the continuity of the digital services provided to the citizens from the City Council; and protecting and guaranteeing the normal municipal activity.
Likewise, IT technicians have been trained in cybersecurity, in particular to correct configuration failures, prevent and/or remedy incidents.
To make all this possible, all the necessary surveillance devices and technologies have been acquired; organizational and technological elements have been implemented, such as the SIEM tool for the provision of surveillance, prevention, detection, analysis, response and advice services. Likewise, the installation and parameterization of the v SOC platform, the definition of a management and operation plan, and the implementation of a training plan, both for personnel with a technical profile and for other public employees, have been carried out.