The publication of the Resolution of the Council of Ministers n.º 92/2019, of 5 June, approved the National Strategy for Cyberspace Security 2019-2023, giving it the quality of a structuring instrument for national capacity building, defining its framework, its objectives and the lines of action of the State in matters of cyberspace security, in accordance with the national interest. Based on three strategic objectives - maximizing resilience, promoting innovation and ensuring resources -, whose implications and needs associated with each of these strategic objectives allow the definition of a general and specific orientation, the Strategy is translated into six axes of intervention, which shape concrete lines of action aimed at strengthening the national strategic potential in cyberspace:
Cyberspace security framework;
Prevention, education and awareness-raising;
Protection of cyberspace and infrastructure;
Responding to threats and combating cybercrime;
Research, development and innovation;
National and international cooperation.
As an essential instrument for monitoring and evaluating its implementation, the National Strategy for Cyberspace Security 2019-2023 is based on an Action Plan, and the National Cybersecurity Centre, as the National Cybersecurity Authority, is responsible for coordinating its drafting, monitoring its implementation and reviewing it in articulation and close cooperation with all entities with responsibility in the field of cyberspace security.
Given the dynamics of cyberspace, and specifically in light of the rapid technological development in the field of cybersecurity, the preparation of the Action Plan seeks to provide for biannual periods that allow for a closer monitoring in terms of short-term execution, while allowing for a perspective of medium and long-term needs and orientation to achieve the objectives set out in the National Strategy for Cyberspace Security 2019-2023. To this end, and in line with the provisions of the Resolution of the Council of Ministers n.º 92/2019, of 5 June, which adopts the National Strategy for Cyberspace Security 2019-2023, the Action Plan is reviewed annually.
Law n.º 46/2018 of 13 August establishing the legal regime for cyberspace security, transposing Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 on measures to ensure a high common level of network and information security across the Union, grants the Higher Council for Cyberspace Security the competence to prepare annually, or whenever necessary, an evaluation report on the implementation of the National Strategy for Cyberspace Security.
According to the same diploma, the annual evaluation report on the execution of the National Strategy for Cyberspace Security will have to be sent to the Parliament until 31 March of the year following that to which it refers.
As the National Cybersecurity Centre is responsible for coordinating the drafting, monitoring the implementation and review of the Action Plan of the National Strategy for Cyberspace Security 2019-2023, and also for logistical and administrative support to the Higher Council for Cyberspace Security, the National Cybersecurity Centre actively participates in the drafting of the evaluation report on the implementation of the National Strategy for Cyberspace Security 2019-2023.
is the total number of activities included by Public Administration bodies and services in the Action Plan since 2019
of the activities included in the Action Plan aim at empowering organisations in cybersecurity
of the activities included in the Action Plan aim at empowering people in the safe and informed use of technologies and cybersecurity
of the activities carried out in 2020 met, surpassed or anticipated the targets initially set
of the Public Administration services and bodies participating with activities for the Action Plan have included activities in 2020 for their technological capacity building in cybersecurity
of the activities developed in 2020 for the technological capacity building of organisations were focused on the development of cybersecurity capabilities
people benefited from training and awareness-raising actions on cybersecurity and digital skills included in the Action Plan