The government has approved the charter of the new Cybersecurity Agency of Catalonia, the body which, within the competences of the Government of Catalonia, will develop a public cybersecurity service and ensure and strengthen the security of networks and information systems in Catalonia.

Following a meeting of the Executive Council today, the Minister for Digital Policy and Public Administration, Jordi Puigneró, appeared at a press conference to report on the decisions taken. The minister said: “A digitally advanced country needs to ensure security in the digital environment.” The Catalan government is committed to establishing a “public cybersecurity service” with the capabilities required to achieve this goal. 

Puigneró said: “In the 21st century, cyberthreats are a real risk for a digital society and for citizens. Public authorities therefore have a duty to act.” This means providing Catalan citizens, businesses and institutions with a public cybersecurity service tasked with protecting them. The new cybersecurity agency will perform the following functions:

• prevent, detect and respond to cybersecurity incidents, deploying appropriate protection measures;
• play a lead role in protecting actors in the territory of Catalonia from existing threats;
• ensure the cybersecurity of the Administration of the Government of Catalonia and its public sector and, where appropriate, other public entities and institutions, local authorities, and natural and legal persons in Catalonia;
• perform the functions of a Computer Emergency Response Team (CERT) in Catalonia;
• minimise damage and recovery time in the event of a cyberattack; provide support to any competent authority in the exercise of its public functions;
• investigate and analyse cyber incidents and cyberattacks; and
• collect relevant data from entities that manage public or essential services in Catalonia in order to determine the security status of information, report to the Catalan government, and propose appropriate measures.

The Agency will be responsible for implementing the Cybersecurity Strategy of the Government of Catalonia (2019–22), approved today by the Executive Council. The Strategy focuses on tackling five challenges to ensure the advancement and protection of Catalan society and digital administration:

• A cybersecure country
• A public cybersecurity service
• A cybersecure administration
• A culture of cybersecurity
• Innovation, talent and economic activity related to cybersecurity

The Cybersecurity Strategy will serve to guide development of the National Cybersecurity Plan for Catalonia, which will include details of specific actions and initiatives.