Cybersecurity in Spain: new obligations for the company, more rights for citizens

Companies face new obligations in transparency policies to avoid cyberattacks

Cybersecurity regulations establish for the first time security requirements in the private sector for essential service operators and for digital service providers that may face penalties of up to one million euros

The rise of new technologies, globalization, anonymity on the Internet, are some of the factors that have led companies to be increasingly vulnerable to new attacks in cyberspace. Since the problem is global, an international approach is required by developing legislation and collaborating internationally between States so that there is greater transparency to manage crises and prevent other attacks.

This was revealed during a conference organized last Monday by Andersen Tax & Legal to address the main changes, risks and penalties to which companies are subjected, as well as the measures to comply with the new obligations of the Regulation that develops Royal Decree-Law 12/2018, with the participation of Alberto Hernández, General Director of INCIBE (National Cybersecurity Institute), and Vicente Moret, of Counsel of the Cybersecurity area of ​​the firm and Congressional Attorney.

INCIBE receives between 20 and 40 thousand daily notifications of infected systems or networks in our country, Alberto Hernández said during his speech, of which, he explained, more than 70% are resolved on the same day. Last year the Institute managed more than 111 thousand cyberattacks, far from the 18 thousand they managed in 2014. The main cause of this volume of cyberattacks, Hernández said, is “the misuse of technologies, the low level of user awareness and high dependence on technologies in our society ”, although the key factor insisted, is“ misinformation and fake news”.