The Spanish legal framework for cybersecurity is relatively unique compared to other EU Member States for the broad and thorough set of regulations which constitute it. Javier Arnaiz Vidella, Senior Associate in New Technologies, Cybersecurity, Risks and Data Protection at ECIJA, discusses this subject via Data Guidance with particular reference to the National Security Scheme […]
Our cyber-security department is composed of a team of professionals with a technical and legal background who are specialists in the area.
In order to implement information security management systems (ISO 27001 and 27002), business continuity (ISO 22301), risk management (ISO 31000), as well as other standards and regulations such as the Spanish Security Framework, risk & compliance, ECIJA has a multidisciplinary team, and specific management tools that make it possible to perform the following processes in a dynamic, effective and continuous manner (following the PDCA cycle, amongst other processes:
- Inventory of processes and assets
- Analysis and management of risks
- Management of security requirements, projects and actions resulting from management systems
- Management of audits and incidents
- Management of records of the regulatory framework
ECIJA’s cyber-security department performs essential work in research, assistance and protection in the event of breaches of security, incidents, and complaints, by conducting specific technical analyses, forensic analyses, and gathering electronic evidence, etc.
Linked news and articles
This interview was published by Legal 500. Read the full article here. Please provide an overview of the legal framework governing privacy in your jurisdiction (e.g., a summary of the key laws, who is covered by them, what sectors, activities or data do they regulate, and who enforces the laws enforced)? The legal framework governing […]