西班牙MSS方案 - Pablo FernandezCCN-CNI 西班牙.pdf

《西班牙MSS方案 - Pablo FernandezCCN-CNI 西班牙.pdf》由会员分享，可在线阅读，更多相关《西班牙MSS方案 - Pablo FernandezCCN-CNI 西班牙.pdf（6页珍藏版）》请在三个皮匠报告上搜索。

1、Operational Trust:How MSS Certification Will Reshape Cyber Resilience in EuropeSPANISH APPROACH Based on the National Security Framework(ENS).(16 years old)+MSS certification is carried out using the CCN-STIC 896.Public Sector Providers(mandatory).Private providers that provide services to the publi

2、c sector.Private sector in general(voluntary/recommended).Model Basis1Alignment with Europe2Scope of application3Key Principle:Dual Assurance Model4 Aligned with the NIS2 Aligned with the CSA+Security of the infrastructure supporting the services(ENS certification and Guide 896 specific mandatory re

3、quirements).Operational capacity and capabilities of the service(resources,skills,processes,procedures,and technology).Operational Trust:How MSS Certification Will Reshape Cyber Resilience in EuropeSpanish scheme is not certifying only the service provider,but the complete service supply and its env

4、ironment.HOW DOES THE 896 MODEL WORK?CCN-STIC 896(Certi MSS)defines how to structure,evaluate,protect and certify MSS services.ecurity ControlsBased on the ENS.Presenting at least Medium Level/Category Certification or 36 ENS measurs selected.Reinforced with specific and mandatory requirements for M

5、SS services.SOCs Maturity LevelENS+Guide CCN-STIC896 combination helps to move forward higher maturity level of operations.Security Controls(Horizontal layer)Based on the ENS,reinforced with specific and mandatory requirements for MSS services.(36 controls)Certified Services(Vertical layer)The model

6、 covers the entire cybersecurity life cycle:These services reflect the complete lifecycle of incident management as well as cybersecurity capacities and capabilities on execution.Each service is broken down into specific capacities and capabilities(e.g.,monitoring,threat hunting,